Len Sassaman

Learn More
We describe the Pynchon Gate, a practical pseudonymous message retrieval system. Our design uses a simple distributed-trust private information retrieval protocol to prevent adversaries from linking recipients to their pseudonyms, even when some of the infrastructure has been compromised. This approach resists global traffic analysis significantly better(More)
This thesis presents information theoretic anonymity metrics and various analysis of anonymous communication nodes. Our contributions are a step towards the understanding of anonymity properties and the development of robust anonymous communications. Anonymous communications are an essential building block for privacy-enhanced applications, as the data(More)
We present an approach to improving the security of complex, composed systems based on formal language theory, and show how this approach leads to advances in input validation, security modeling, attack surface reduction, and ultimately, software design and programming methodology. We cite examples based on real-world security flaws in common protocols(More)
In recent years, there have been several proposals for anonymous communication systems that provide intentional weaknesses to allow anonymity to be circumvented in special cases. These anonymity revocation schemes attempt to retain the properties of strong anonymity systems while granting a special class of people the ability to selectively break through(More)
A dummy traffic strategy is described that can be implemented by mix nodes in an anonymous communication network to detect and counter active (<i>n</i> - 1) attacks and their variants. <i>Heartbeat</i> messages are sent anonymously from the mix node back to itself in order to establish its state of connectivity with the rest of the network. In case the mix(More)
Jon Postel's Robustness Principle- "Be conservative in what you do, and liberal in what you accept from others"- played a fundamental role in how Internet protocols were designed and implemented. Its influence went far beyond direct application by Internet Engineering Task Force (IETF) designers, as generations of programmers learned from examples of the(More)
Over the last several decades, there have been numerous proposals for systems which can preserve the anonymity of the recipient of some data. Some have involved trusted third-parties or trusted hardware; others have been constructed on top of link-layer anonymity systems or mix-nets. In this paper, we evaluate a pseudonymous message system which takes the(More)