Auditable Privacy: On Tamper-evident Mix Networks
J.Y. Choi, P. Golle and M. Jakobsson.
We introduce the notion of tamper-evidence for mix networks in order
to defend against attacks aimed at covertly leaking secret information
held by corrupted mix servers. This is achieved by letting observers
(which need not be trusted) verify the absence of covert channels by
means of techniques we introduce herein. Our tamper-evident mix
network is a type of re-encryption mixnet in which a server proves
that the permutation and re-encryption factors that it uses are
correctly derived from a random seed to which the server is committed.