tor/doc/tor-design.bib

% fix me
@misc{tannenbaum96,
  author = "Andrew Tannenbaum",
  title = "Computer Networks",
  year = "1996",
  publisher = "Prentice Hall, 3rd edition",
}

@article{ meadows96,
    author = "Catherine Meadows",
    title = "The {NRL} Protocol Analyzer: An Overview",
    journal = "Journal of Logic Programming",
    volume = "26",
    number = "2",
    pages = "113--131",
    year = "1996",
}
@inproceedings{kesdogan:pet2002,
  title = {Unobservable Surfing on the World Wide Web: Is Private Information Retrieval an
        alternative to the MIX based Approach?}, 
  author = {Dogan Kesdogan and Mark Borning and Michael Schmeink}, 
  booktitle = {Privacy Enhancing Technologies (PET 2002)},
  year = {2002}, 
  month = {April}, 
  editor = {Roger Dingledine and Paul Syverson}, 
  publisher = {Springer-Verlag, LNCS 2482}, 
}

@inproceedings{statistical-disclosure,
  title = {Statistical Disclosure Attacks}, 
  author = {George Danezis}, 
  booktitle = {Security and Privacy in the Age of Uncertainty ({SEC2003})}, 
  organization = {{IFIP TC11}}, 
  year = {2003}, 
  month = {May}, 
  address = {Athens}, 
  pages = {421--426}, 
  publisher = {Kluwer}, 
}

@inproceedings{limits-open,
  title = {Limits of Anonymity in Open Environments}, 
  author = {Dogan Kesdogan and Dakshi Agrawal and Stefan Penz}, 
  booktitle = {Information Hiding Workshop (IH 2002)}, 
  year = {2002}, 
  month = {October}, 
  editor = {Fabien Petitcolas}, 
  publisher = {Springer-Verlag, LNCS 2578}, 
}

@inproceedings{isdn-mixes,
  title = {{ISDN-mixes: Untraceable communication with very small bandwidth overhead}}, 
  author = {Andreas Pfitzmann and Birgit Pfitzmann and Michael Waidner}, 
  booktitle = {GI/ITG Conference on Communication in Distributed Systems}, 
  year = {1991}, 
  month = {February}, 
  pages = {451-463}, 
}


@Article{jerichow-jsac98,
  author = 	 {Anja Jerichow and Jan M\"{u}ller and Andreas
                  Pfitzmann and Birgit Pfitzmann and Michael Waidner},
  title = 	 {Real-Time Mixes: A Bandwidth-Efficient Anonymity Protocol},
  journal = 	 {IEEE Journal on Selected Areas in Communications},
  year = 	 1998,
  volume =	 16,
  number =	 4,
  pages =	 {495--509},
  month =	 {May}
}

@inproceedings{tarzan:ccs02,
  title = {Tarzan: A Peer-to-Peer Anonymizing Network Layer}, 
  author = {Michael J. Freedman and Robert Morris}, 
  booktitle = {9th {ACM} {C}onference on {C}omputer and {C}ommunications
        {S}ecurity ({CCS 2002})}, 
  year = {2002}, 
  month = {November}, 
  address = {Washington, DC}, 
}

@inproceedings{cebolla,
  title = {{Cebolla: Pragmatic IP Anonymity}}, 
  author = {Zach Brown}, 
  booktitle = {Ottawa Linux Symposium}, 
  year = {2002}, 
  month = {June}, 
}

@misc{eax,
  author = "M. Bellare and P. Rogaway and D. Wagner",
  title = "A conventional authenticated-encryption mode",
  howpublished = {Manuscript},
  month = {April},
  year = {2003},
}

@misc{darkside,
  title = {{The Dark Side of the Web: An Open Proxy's View}},
  author = {Vivek S. Pai and Limin Wang and KyoungSoo Park and Ruoming Pang and Larry Peterson},
  note = {\newline \url{http://codeen.cs.princeton.edu/}},
}
%  note = {Submitted to HotNets-II. \url{http://codeen.cs.princeton.edu/}},

@Misc{anonymizer,
  key =          {anonymizer},
  title =        {The {Anonymizer}},
  note =         {\url{http://anonymizer.com/}}
}

@Misc{privoxy,
  key =          {privoxy},
  title =        {{Privoxy}},
  note =         {\url{http://www.privoxy.org/}}
}

@inproceedings{anonnet,
  title = {{Analysis of an Anonymity Network for Web Browsing}}, 
  author = {Marc Rennhard and Sandro Rafaeli and Laurent Mathy and Bernhard Plattner and
        David Hutchison}, 
  booktitle = {{IEEE 7th Intl. Workshop on Enterprise Security (WET ICE
        2002)}}, 
  year = {2002}, 
  month = {June}, 
  address = {Pittsburgh, USA}, 
}
%  pages = {49--54}, 

@inproceedings{econymics,
  title = {On the Economics of Anonymity}, 
  author = {Alessandro Acquisti and Roger Dingledine and Paul Syverson}, 
  booktitle = {Financial Cryptography}, 
  year = {2003}, 
  editor = {Rebecca N. Wright}, 
  publisher = {Springer-Verlag, LNCS 2742}, 
}

@inproceedings{defensive-dropping,
  title = {Timing Analysis in Low-Latency Mix-Based Systems},
  author = {Brian N. Levine and Michael K. Reiter and Chenxi Wang and Matthew Wright},
  booktitle = {Financial Cryptography},
  year = {2004}, 
  editor = {Ari Juels},
  publisher = {Springer-Verlag, LNCS (forthcoming)}, 
}

@inproceedings{morphmix:fc04,
  title = {Practical Anonymity for the Masses with MorphMix},
  author = {Marc Rennhard and Bernhard Plattner},
  booktitle = {Financial Cryptography},
  year = {2004}, 
  editor = {Ari Juels},
  publisher = {Springer-Verlag, LNCS (forthcoming)}, 
}

@inproceedings{eternity,
  title = {The Eternity Service}, 
  author = {Ross Anderson}, 
  booktitle = {Pragocrypt '96}, 
  year = {1996}, 
}
  %note =  {\url{http://www.cl.cam.ac.uk/users/rja14/eternity/eternity.html}}, 


@inproceedings{minion-design,
  title = {Mixminion: Design of a Type {III} Anonymous Remailer Protocol}, 
  author = {George Danezis and Roger Dingledine and Nick Mathewson}, 
  booktitle = {2003 IEEE Symposium on Security and Privacy}, 
  year = {2003}, 
  month = {May},
  publisher = {IEEE CS},
  pages = {2--15}, 
}
  %note = {\url{http://mixminion.net/minion-design.pdf}}, 

@inproceedings{ rao-pseudonymity,
    author = "Josyula R. Rao and Pankaj Rohatgi",
    title = "Can Pseudonymity Really Guarantee Privacy?",
    booktitle = "Proceedings of the Ninth USENIX Security Symposium",
    year = {2000},
    month = Aug,
    publisher = {USENIX},
    pages = "85--96",
}
    %note = {\url{http://www.usenix.org/publications/library/proceedings/sec2000/
%full_papers/rao/rao.pdf}},

@InProceedings{pfitzmann90how,
    author = "Birgit Pfitzmann and Andreas Pfitzmann",
    title = "How to Break the Direct {RSA}-Implementation of {MIXes}",
    booktitle = {Eurocrypt 89},
    publisher = {Springer-Verlag, LNCS 434},
    year = {1990},
    note = {\url{http://citeseer.nj.nec.com/pfitzmann90how.html}},
}

@Misc{tor-spec,
   author =      {Roger Dingledine and Nick Mathewson},
   title =       {Tor Protocol Specifications},
   note =        {\url{http://freehaven.net/tor/tor-spec.txt}},
}

@InProceedings{BM:mixencrypt,
  author =       {M{\"o}ller, Bodo},
  title =        {Provably Secure Public-Key Encryption for Length-Preserving Chaumian Mixes},
  booktitle =    {{CT-RSA} 2003},
  publisher =    {Springer-Verlag, LNCS 2612},
  year =         2003,
}

@InProceedings{back01,
  author =       {Adam Back and Ulf M\"oller and Anton Stiglic},
  title =        {Traffic Analysis Attacks and Trade-Offs in Anonymity Providing Systems},
  booktitle =    {Information Hiding (IH 2001)},
  pages =        {245--257},
  year =         2001,
  editor =       {Ira S. Moskowitz},
  publisher =    {Springer-Verlag, LNCS 2137},
}
  %note =         {\newline \url{http://www.cypherspace.org/adam/pubs/traffic.pdf}},

@InProceedings{rackoff93cryptographic,
   author =      {Charles Rackoff and Daniel R. Simon},
   title =       {Cryptographic Defense Against Traffic Analysis},
   booktitle =   {{ACM} Symposium on Theory of Computing},
   pages =       {672--681},
   year =        {1993},
}
   %note =        {\url{http://research.microsoft.com/crypto/dansimon/me.htm}},

@InProceedings{freehaven-berk,
   author =      {Roger Dingledine and Michael J. Freedman and David Molnar},
   title =       {The Free Haven Project: Distributed Anonymous Storage Service},
   booktitle =   {Designing Privacy Enhancing Technologies: Workshop
                  on Design Issue in Anonymity and Unobservability},
   year =        {2000},
   month =       {July},
   editor =      {H. Federrath},
   publisher =   {Springer-Verlag, LNCS 2009},
}
   %note =        {\url{http://freehaven.net/papers.html}},

@InProceedings{raymond00,
  author =       {J. F. Raymond},
  title =        {{Traffic Analysis: Protocols, Attacks, Design Issues,
                  and Open Problems}}, 
  booktitle =    {Designing Privacy Enhancing Technologies: Workshop
                  on Design Issue in Anonymity and Unobservability},  
  year =         2000,
  month =        {July},
  pages =        {10-29},
  editor =       {H. Federrath},
  publisher =    {Springer-Verlag, LNCS 2009},
}

@InProceedings{sybil,
  author = "John Douceur",
  title = {{The Sybil Attack}},
  booktitle = "Proceedings of the 1st International Peer To Peer Systems Workshop (IPTPS 2002)",
  month = Mar,
  year = 2002,
}

@InProceedings{trickle02,
  author =       {Andrei Serjantov and Roger Dingledine and Paul Syverson},
  title =        {From a Trickle to a Flood: Active Attacks on Several
                  Mix Types},
  booktitle =    {Information Hiding (IH 2002)},
  year =         {2002},
  editor =       {Fabien Petitcolas},
  publisher =    {Springer-Verlag, LNCS 2578},
}

@InProceedings{langos02,
  author =      {Oliver Berthold and Heinrich Langos},
  title =       {Dummy Traffic Against Long Term Intersection Attacks},
  booktitle =    {Privacy Enhancing Technologies (PET 2002)},
  year =         {2002},
  editor =       {Roger Dingledine and Paul Syverson},
  publisher =    {Springer-Verlag, LNCS 2482}
}


@InProceedings{hintz-pet02,
  author = 	 {Andrew Hintz},
  title = 	 {Fingerprinting Websites Using Traffic Analysis},
  booktitle = 	 {Privacy Enhancing Technologies (PET 2002)},
  pages =	 {171--178},
  year =	 2002,
  editor =	 {Roger Dingledine and Paul Syverson},
  publisher =	 {Springer-Verlag, LNCS 2482}
}

@InProceedings{or-discex00,
   author =      {Paul Syverson and Michael Reed and David Goldschlag},
   title =       {{O}nion {R}outing Access Configurations},
   booktitle =   {DARPA Information Survivability Conference and
                  Exposition (DISCEX 2000)}, 
   year =        {2000},
   publisher =   {IEEE CS Press},
   pages =       {34--40},
   volume =      {1},
}
   %note =        {\newline \url{http://www.onion-router.net/Publications.html}},

@Inproceedings{or-pet00,
  title =        {{Towards an Analysis of Onion Routing Security}},
  author =       {Paul Syverson and Gene Tsudik and Michael Reed and
                  Carl Landwehr}, 
  booktitle =    {Designing Privacy Enhancing Technologies: Workshop
                  on Design Issue in Anonymity and Unobservability},
  year =         2000,
  month =        {July},
  pages =        {96--114},
  editor =       {H. Federrath},
  publisher =    {Springer-Verlag, LNCS 2009},
}
  %note =         {\url{http://www.onion-router.net/Publications/WDIAU-2000.ps.gz}},

@Inproceedings{freenet-pets00,
  title =        {Freenet: A Distributed Anonymous Information Storage
    and Retrieval System}, 
  author =       {Ian Clarke and Oskar Sandberg and Brandon Wiley and
    Theodore W. Hong},  
  booktitle =    {Designing Privacy Enhancing Technologies: Workshop
                  on Design Issue in Anonymity and Unobservability},
  year =         2000,
  month =        {July},
  pages =        {46--66},
  editor =       {H. Federrath},
  publisher =    {Springer-Verlag, LNCS 2009},
}
  %note =         {\url{http://citeseer.nj.nec.com/clarke00freenet.html}},

@InProceedings{or-ih96,
  author =       {David M. Goldschlag and Michael G. Reed and Paul
                  F. Syverson}, 
  title =        {Hiding Routing Information},
  booktitle =    {Information Hiding, First International Workshop},
  pages =        {137--150},
  year =         1996,
  editor =       {R. Anderson},
  month =        {May},
  publisher =    {Springer-Verlag, LNCS 1174},
}

@InProceedings{federrath-ih96,
  author = 	 {Hannes Federrath and Anja Jerichow and Andreas Pfitzmann},
  title = 	 {{MIXes} in Mobile Communication Systems: Location
                  Management with Privacy}, 
  booktitle =    {Information Hiding, First International Workshop},
  pages =        {121--135},
  year =         1996,
  editor =       {R. Anderson},
  month =        {May},
  publisher =    {Springer-Verlag, LNCS 1174},
}


@InProceedings{reed-protocols97,
  author = 	 {Michael G. Reed and Paul F. Syverson and David
                  M. Goldschlag}, 
  title = 	 {Protocols Using Anonymous Connections: Mobile Applications},
  booktitle = 	 {Security Protocols: 5th International Workshop},
  pages =	 {13--23},
  year =	 1997,
  editor =	 {Bruce Christianson and Bruno Crispo and Mark Lomas
                  and Michael Roe},
  month =	 {April},
  publisher =	 {Springer-Verlag, LNCS 1361}
}



@Article{or-jsac98,
  author =       {Michael G. Reed and Paul F. Syverson and David
                  M. Goldschlag}, 
  title =        {Anonymous Connections and Onion Routing},
  journal =      {IEEE Journal on Selected Areas in Communications},
  year =         1998,
  volume =       16,
  number =       4,
  pages =        {482--494},
  month =        {May},
}
  %note =         {\url{http://www.onion-router.net/Publications/JSAC-1998.ps.gz}}

@Misc{TLS,
   author =      {T. Dierks and C. Allen},
   title =       {The {TLS} {P}rotocol --- {V}ersion 1.0},
   howpublished = {IETF RFC 2246},
   month =       {January},
   year =        {1999},
}
%note =        {\url{http://www.rfc-editor.org/rfc/rfc2246.txt}},

@Misc{SMTP,
   author =      {J. Postel},
   title =       {Simple {M}ail {T}ransfer {P}rotocol},
   howpublished = {IETF RFC 2821 (also STD0010)},
   month =       {April},
   year =        {2001},
   note =        {\url{http://www.rfc-editor.org/rfc/rfc2821.txt}},
}

@Misc{IMAP,
   author =      {M. Crispin},
   title =       {Internet {M}essage {A}ccess {P}rotocol --- {V}ersion 4rev1},
   howpublished = {IETF RFC 2060},
   month =       {December},
   year =        {1996},
   note =        {\url{http://www.rfc-editor.org/rfc/rfc2060.txt}},
}

@misc{pipenet,
  title = {PipeNet 1.1}, 
  author = {Wei Dai}, 
  year = 1996, 
  month = {August}, 
  howpublished = {Usenet post}, 
  note = {\url{http://www.eskimo.com/~weidai/pipenet.txt} First mentioned
      in a post to the cypherpunks list, Feb.\ 1995.}, 
}


@Misc{POP3,
   author =      {J. Myers and M. Rose},
   title =       {Post {O}ffice {P}rotocol --- {V}ersion 3},
   howpublished = {IETF RFC 1939 (also STD0053)},
   month =       {May},
   year =        {1996},
   note =        {\url{http://www.rfc-editor.org/rfc/rfc1939.txt}},
}


@InProceedings{shuffle,
   author =      {C. Andrew Neff},
   title =       {A Verifiable Secret Shuffle and its Application to E-Voting},
   booktitle =    {8th ACM Conference on Computer and Communications
                  Security (CCS-8)},
   pages =       {116--125},
   year =        2001,
   editor =      {P. Samarati},
   month =       {November},
   publisher =   {ACM Press},
}
   %note =        {\url{http://www.votehere.net/ada_compliant/ourtechnology/
   %                    technicaldocs/shuffle.pdf}},

@InProceedings{dolev91,
   author =      {Danny Dolev and Cynthia Dwork and Moni Naor},
   title =       {Non-Malleable Cryptography},
   booktitle =   {23rd ACM Symposium on the Theory of Computing (STOC)},
   pages =       {542--552},
   year =        1991,
   note =        {Updated version at
                  \url{http://citeseer.nj.nec.com/dolev00nonmalleable.html}},
}

@TechReport{rsw96,
   author =      {Ronald L. Rivest and Adi Shamir and David A. Wagner},
   title =       {Time-lock puzzles and timed-release Crypto},
   year =        1996,
   type =        {MIT LCS technical memo},
   number =      {MIT/LCS/TR-684},
   month =       {February},
   note =        {\newline \url{http://citeseer.nj.nec.com/rivest96timelock.html}},
}

@InProceedings{web-mix,
   author =      {Oliver Berthold and Hannes Federrath and Stefan K\"opsell},
   title =       {Web {MIX}es: A system for anonymous and unobservable
                  {I}nternet access}, 
  booktitle =    {Designing Privacy Enhancing Technologies: Workshop
                  on Design Issue in Anonymity and Unobservability},
   editor =       {H. Federrath},
   publisher =    {Springer-Verlag, LNCS 2009},
   year =        {2000},
}
%   pages =       {115--129},

@InProceedings{disad-free-routes,
   author =      {Oliver Berthold and Andreas Pfitzmann and Ronny Standtke},
   title =       {The disadvantages of free {MIX} routes and how to overcome
                  them}, 
   booktitle =   {Designing Privacy Enhancing Technologies: Workshop
                  on Design Issue in Anonymity and Unobservability},
   pages =       {30--45},
   year =        2000,
   editor =       {H. Federrath},
   publisher =    {Springer-Verlag, LNCS 2009},
}
   %note =        {\url{http://www.tik.ee.ethz.ch/~weiler/lehre/netsec/Unterlagen/anon/
   %                    disadvantages_berthold.pdf}},

@InProceedings{boneh00,
   author =      {Dan Boneh and Moni Naor},
   title =       {Timed Commitments},
   booktitle =   {Advances in Cryptology -- {CRYPTO} 2000},
   pages =       {236--254},
   year =        2000,
   publisher =   {Springer-Verlag, LNCS 1880},
   note =        {\newline \url{http://crypto.stanford.edu/~dabo/abstracts/timedcommit.html}},
}

@InProceedings{goldschlag98,
   author =      {David M. Goldschlag and Stuart G. Stubblebine},
   title =       {Publicly Verifiable Lotteries: Applications of
                  Delaying Functions},
   booktitle =   {Financial Cryptography},
   pages =       {214--226},
   year =        1998,
   publisher =   {Springer-Verlag, LNCS 1465},
   note =        {\newline \url{http://citeseer.nj.nec.com/goldschlag98publicly.html}},
}

@InProceedings{syverson98,
   author =      {Paul Syverson},
   title =       {Weakly Secret Bit Commitment: Applications to
                  Lotteries and Fair Exchange},
   booktitle =   {Computer Security Foundations Workshop (CSFW11)},
   pages =       {2--13},
   year =        1998,
   address =     {Rockport Massachusetts},
   month =       {June},
   publisher =   {IEEE CS Press},
   note =        {\newline \url{http://chacs.nrl.navy.mil/publications/CHACS/1998/}},
}

@Misc{shoup-iso,
   author =      {Victor Shoup},
   title =       {A Proposal for an {ISO} {S}tandard for Public Key Encryption (version 2.1)},
   note =        {Revised December 20, 2001. \url{http://www.shoup.net/papers/}},
}

@Misc{shoup-oaep,
   author =      {Victor Shoup},
   title =       {{OAEP} Reconsidered},
   howpublished = {{IACR} e-print 2000/060},
   note =        {\newline \url{http://eprint.iacr.org/2000/060/}},
}

@Misc{oaep-still-alive,
   author =      {E. Fujisaki and D. Pointcheval and T. Okamoto and J. Stern},
   title =       {{RSA}-{OAEP} is Still Alive!},
   howpublished = {{IACR} e-print 2000/061},
   note =        {\newline \url{http://eprint.iacr.org/2000/061/}},
}

@misc{echolot,
  author = {Peter Palfrader},
  title = {Echolot: a pinger for anonymous remailers},
  note = {\url{http://www.palfrader.org/echolot/}},
}

@Misc{mixmaster-attacks,
   author =      {Lance Cottrell},
   title =       {Mixmaster and Remailer Attacks},
   note =        {\url{http://www.obscura.com/~loki/remailer/remailer-essay.html}},
}

@Misc{mixmaster-spec,
   author =      {Ulf M{\"o}ller and Lance Cottrell and Peter
                  Palfrader and Len Sassaman}, 
   title =       {Mixmaster {P}rotocol --- {V}ersion 2},
   year =        {2003},
   month =       {July},
   howpublished = {Draft},
   note =        {\url{http://www.abditum.com/mixmaster-spec.txt}},
}

@InProceedings{puzzles-tls,
    author = "Drew Dean and Adam Stubblefield",
    title = {{Using Client Puzzles to Protect TLS}},
    booktitle = "Proceedings of the 10th USENIX Security Symposium",
    year = {2001},
    month = Aug,
    publisher = {USENIX},
}

@InProceedings{breadpudding,
  author =       {Markus Jakobsson and Ari Juels},
  title =        {Proofs of Work and Bread Pudding Protocols},
  booktitle =    {Proceedings of the IFIP TC6 and TC11 Joint Working
                  Conference on Communications and Multimedia Security
                  (CMS '99)},
  year =         1999,
  month =        {September},
  publisher =    {Kluwer}
}

@Misc{hashcash,
   author =      {Adam Back},
   title =       {Hash cash},
   note =        {\newline \url{http://www.cypherspace.org/~adam/hashcash/}},
}

@InProceedings{oreilly-acc,
   author =      {Roger Dingledine and Michael J. Freedman and David Molnar},
   title =       {Accountability},
   booktitle =   {Peer-to-peer: Harnessing the Benefits of a Disruptive 
                  Technology},
   year =        {2001},
   publisher =   {O'Reilly and Associates},
}


@InProceedings{han,
   author =      {Yongfei Han},
   title =       {Investigation of non-repudiation protocols},
   booktitle =   {ACISP '96},
   year =        1996,
   publisher =   {Springer-Verlag},
}


@Misc{socks5,
  key =          {socks5},
  title =        {{SOCKS} {P}rotocol {V}ersion 5},
  howpublished=  {IETF RFC 1928},
  month =        {March},
  year =         1996,
  note =         {\url{http://www.ietf.org/rfc/rfc1928.txt}}
}

@InProceedings{abe,
   author =      {Masayuki Abe},
   title =       {Universally Verifiable {MIX} With Verification Work Independent of
                  The Number of {MIX} Servers},
   booktitle =   {{EUROCRYPT} 1998},
   year =        {1998},
   publisher =   {Springer-Verlag, LNCS 1403},
}

@InProceedings{desmedt,
   author =      {Yvo Desmedt and Kaoru Kurosawa},
   title =       {How To Break a Practical {MIX} and Design a New One},
   booktitle =   {{EUROCRYPT} 2000},
   year =        {2000},
   publisher =   {Springer-Verlag, LNCS 1803},
   note =        {\url{http://citeseer.nj.nec.com/447709.html}},
}

@InProceedings{mitkuro,
   author =      {M. Mitomo and K. Kurosawa},
   title =       {{Attack for Flash MIX}},
   booktitle =   {{ASIACRYPT} 2000},
   year =        {2000},
   publisher =   {Springer-Verlag, LNCS 1976},
   note =        {\newline \url{http://citeseer.nj.nec.com/450148.html}},
}

@InProceedings{hybrid-mix,
   author =      {M. Ohkubo and M. Abe},
   title =       {A {L}ength-{I}nvariant {H}ybrid {MIX}},
   booktitle =   {Advances in Cryptology - {ASIACRYPT} 2000},
   year =        {2000},
   publisher =   {Springer-Verlag, LNCS 1976},
}

@InProceedings{PShuffle,
  author = {Jun Furukawa and Kazue Sako},
  title = {An Efficient Scheme for Proving a Shuffle},
  editor    = {Joe Kilian},
  booktitle = {CRYPTO 2001},
  year      = {2001},
  publisher = {Springer-Verlag, LNCS 2139},
}


@InProceedings{jakobsson-optimally,
  author = "Markus Jakobsson and Ari Juels",
  title = "An Optimally Robust Hybrid Mix Network (Extended Abstract)",
  booktitle =   {Principles of Distributed Computing - {PODC} '01},
  year = "2001",
  publisher =   {ACM Press},
  note = {\url{http://citeseer.nj.nec.com/492015.html}},
}

@InProceedings{kesdogan,
   author =      {D. Kesdogan and M. Egner and T. B\"uschkes},
   title =       {Stop-and-Go {MIX}es Providing Probabilistic Anonymity in an Open 
                  System},
   booktitle =   {Information Hiding (IH 1998)},
   year =        {1998},
   publisher =   {Springer-Verlag, LNCS 1525},
}
   %note =        {\url{http://www.cl.cam.ac.uk/~fapp2/ihw98/ihw98-sgmix.pdf}},

@InProceedings{socks4,
  author =       {David Koblas and Michelle R. Koblas},
  title =        {{SOCKS}},
  booktitle =    {UNIX Security III Symposium (1992 USENIX Security
                  Symposium)}, 
  pages =        {77--83},
  year =         1992,
  publisher =    {USENIX},
}

@InProceedings{flash-mix,
   author =      {Markus Jakobsson},
   title =       {Flash {M}ixing},
   booktitle =   {Principles of Distributed Computing - {PODC} '99},
   year =        {1999},
   publisher =   {ACM Press},
   note =        {\newline \url{http://citeseer.nj.nec.com/jakobsson99flash.html}},
}

@InProceedings{SK,
   author =      {Joe Kilian and Kazue Sako},
   title =       {Receipt-Free {MIX}-Type Voting Scheme - A Practical Solution to
                  the Implementation of a Voting Booth},
   booktitle =   {EUROCRYPT '95},
   year =        {1995},
   publisher =   {Springer-Verlag},
}

@InProceedings{OAEP,
   author =      {M. Bellare and P. Rogaway},
   year =        {1994},
   booktitle =   {EUROCRYPT '94},
   title =       {Optimal {A}symmetric {E}ncryption {P}adding : How To Encrypt With
                  {RSA}},
   publisher =   {Springer-Verlag},
   note =        {\newline \url{http://www-cse.ucsd.edu/users/mihir/papers/oaep.html}},
}
@inproceedings{babel,
  title = {Mixing {E}-mail With {B}abel}, 
  author = {Ceki G\"ulc\"u and Gene Tsudik}, 
  booktitle = {{Network and Distributed Security Symposium (NDSS 96)}}, 
  year = 1996, 
  month = {February}, 
  pages = {2--16}, 
  publisher = {IEEE}, 
}
  %note = {\url{http://citeseer.nj.nec.com/2254.html}}, 

@Misc{rprocess,
   author =      {RProcess},
   title =       {Selective Denial of Service Attacks},
   note =        {\newline \url{http://www.eff.org/pub/Privacy/Anonymity/1999\_09\_DoS\_remail\_vuln.html}},
}

@Article{remailer-history,
  author = {Sameer Parekh},
  title = {Prospects for Remailers},
  journal = {First Monday},
  volume = {1},
  number = {2},
  month = {August},
  year = {1996},
  note = {\url{http://www.firstmonday.dk/issues/issue2/remailers/}},
}

@Article{chaum-mix,
   author =      {David Chaum},
   title =       {Untraceable electronic mail, return addresses, and digital pseudo-nyms},
   journal =     {Communications of the ACM},
   year =        {1981},
   volume =      {4},
   number =      {2},
   month =       {February},
}
   %note =        {\url{http://www.eskimo.com/~weidai/mix-net.txt}},

@InProceedings{nym-alias-net,
  author =       {David Mazi\`{e}res and M. Frans Kaashoek}, 
  title =        {{The Design, Implementation and Operation of an Email
                  Pseudonym Server}},
  booktitle =    {$5^{th}$ ACM Conference on Computer and
                  Communications Security (CCS'98)},
  year =         1998,
  publisher =    {ACM Press},
}
  %note =        {\newline \url{http://www.scs.cs.nyu.edu/~dm/}},

@InProceedings{tangler,
  author =       {Marc Waldman and David Mazi\`{e}res},
  title =        {Tangler: A Censorship-Resistant Publishing System
                  Based on Document Entanglements}, 
  booktitle =    {$8^{th}$ ACM Conference on Computer and
                  Communications Security (CCS-8)},
  pages =        {86--135},
  year =         2001,
  publisher =    {ACM Press},
}
  %note =         {\url{http://www.scs.cs.nyu.edu/~dm/}}

@misc{neochaum,
   author =      {Tim May},
   title =       {Payment mixes for anonymity}, 
   howpublished = {E-mail archived at
                  \url{http://\newline www.inet-one.com/cypherpunks/dir.2000.02.28-2000.03.05/msg00334.html}},
}

@misc{helsingius, 
   author =      {J. Helsingius},
   title =       {{\tt anon.penet.fi} press release}, 
   note =        {\newline \url{http://www.penet.fi/press-english.html}},
}

@InProceedings{garay97secure,
   author =      {J. Garay and R. Gennaro and C. Jutla and T. Rabin},
   title =       {Secure distributed storage and retrieval},
   booktitle =   {11th International Workshop, WDAG '97},
   pages =       {275--289},
   year =        {1997},
   publisher =   {Springer-Verlag, LNCS 1320},
   note =        {\newline \url{http://citeseer.nj.nec.com/garay97secure.html}},
}

@InProceedings{PIK,
   author =      {C. Park and K. Itoh and K. Kurosawa},
   title =       {Efficient anonymous channel and all/nothing election scheme},
   booktitle =   {Advances in Cryptology -- {EUROCRYPT} '93},
   pages =       {248--259},
   publisher =   {Springer-Verlag, LNCS 765},
}

@Misc{pgpfaq,
   key =         {PGP},
   title =       {{PGP} {FAQ}},
   note =        {\newline \url{http://www.faqs.org/faqs/pgp-faq/}},
}

@Article{riordan-schneier,
   author =      {James Riordan and Bruce Schneier},
   title =       {A Certified E-mail Protocol with No Trusted Third Party},
   journal =     {13th Annual Computer Security Applications Conference},
   month =       {December},
   year =        {1998},
   note =        {\newline \url{http://www.counterpane.com/certified-email.html}},
}


@Article{crowds-tissec,
  author =       {Michael K. Reiter and Aviel D. Rubin},
  title =        {Crowds: Anonymity for Web Transactions},
  journal =      {ACM TISSEC},
  year =         1998,
  volume =       1,
  number =       1,
  pages =        {66--92},
  month =        {June},
}
  %note =         {\url{http://citeseer.nj.nec.com/284739.html}}

@Article{crowds-dimacs,
   author =      {Michael K. Reiter and Aviel D. Rubin},
   title =       {Crowds: Anonymity for Web Transactions},
   journal =     {{DIMACS} Technical Report (Revised)},
   volume =      {97},
   number =      {15},
   month =       {August},
   year =        {1997},
}

@Misc{advogato,
   author =      {Raph Levien}, 
   title =       {Advogato's Trust Metric},
   note =        {\newline \url{http://www.advogato.org/trust-metric.html}},
}

@InProceedings{publius,
   author =      {Marc Waldman and Aviel Rubin and Lorrie Cranor}, 
   title =       {Publius: {A} robust, tamper-evident, censorship-resistant and
                  source-anonymous web publishing system},
   booktitle =   {Proc. 9th USENIX Security Symposium},
   pages =       {59--72},
   year =        {2000},
   month =       {August},
}
   %note =        {\newline \url{http://citeseer.nj.nec.com/waldman00publius.html}},

@Misc{freedom-nyms,
   author =      {Russell Samuels},
   title =       {Untraceable Nym Creation on the {F}reedom {N}etwork},
   year =        {1999},
   month =       {November},
   day =         {21},
   note =        {\newline \url{http://www.freedom.net/products/whitepapers/white11.html}},
}

@techreport{freedom2-arch,
  title = {Freedom Systems 2.0 Architecture}, 
  author = {Philippe Boucher and Adam Shostack and Ian Goldberg}, 
  institution = {Zero Knowledge Systems, {Inc.}}, 
  year = {2000}, 
  month = {December}, 
  type = {White Paper}, 
  day = {18}, 
}

@techreport{freedom21-security,
  title = {Freedom Systems 2.1 Security Issues and Analysis}, 
  author = {Adam Back and Ian Goldberg and Adam Shostack}, 
  institution = {Zero Knowledge Systems, {Inc.}}, 
  year = {2001}, 
  month = {May}, 
  type = {White Paper}, 
}

@inproceedings{cfs:sosp01,
  title = {Wide-area cooperative storage with {CFS}},
  author = {Frank Dabek and M. Frans Kaashoek and David Karger and Robert Morris and Ion Stoica},
  booktitle = {18th {ACM} {S}ymposium on {O}perating {S}ystems {P}rinciples ({SOSP} '01)},
  year = {2001},
  month = {October},
  address = {Chateau Lake Louise, Banff, Canada},
}

@inproceedings{SS03,
  title = {Passive Attack Analysis for Connection-Based Anonymity Systems}, 
  author = {Andrei Serjantov and Peter Sewell}, 
  booktitle = {Computer Security -- ESORICS 2003}, 
  publisher =   {Springer-Verlag, LNCS (forthcoming)},
  year = {2003}, 
  month = {October}, 
}
  %note = {\url{http://www.cl.cam.ac.uk/users/aas23/papers_aas/conn_sys.ps}},

@Misc{pk-relations,
   author =      {M. Bellare and A. Desai and D. Pointcheval and P. Rogaway},
   title =       {Relations Among Notions of Security for Public-Key Encryption
                  Schemes},
   howpublished = {
                  Extended abstract in {\em Advances in Cryptology - CRYPTO '98}, LNCS Vol. 1462.
                  Springer-Verlag, 1998.
                  Full version available from \newline \url{http://www-cse.ucsd.edu/users/mihir/}},
}


@InProceedings{mix-acc, 
  author =      {Roger Dingledine and Michael J. Freedman and David
                  Hopwood and David Molnar},
  title =       {{A Reputation System to Increase MIX-net
                  Reliability}},
  booktitle =   {Information Hiding (IH 2001)},
  pages =       {126--141},
  year =        2001,
  editor =      {Ira S. Moskowitz},
  publisher =   {Springer-Verlag, LNCS 2137},
}
  %note =        {\url{http://www.freehaven.net/papers.html}},

@InProceedings{casc-rep,
   author =      {Roger Dingledine and Paul Syverson},
   title =       {{Reliable MIX Cascade Networks through Reputation}},
  booktitle =    {Financial Cryptography},
  year =         2002,
  editor =       {Matt Blaze},
  publisher =    {Springer-Verlag, LNCS 2357},
}
  %note =        {\newline \url{http://www.freehaven.net/papers.html}},

@InProceedings{zhou96certified,
   author =      {Zhou and Gollmann},
   title =       {Certified Electronic Mail},
   booktitle =   {{ESORICS: European Symposium on Research in Computer
                  Security}},
   publisher =   {Springer-Verlag, LNCS 1146},
   year =        {1996},
   note =        {\newline \url{http://citeseer.nj.nec.com/zhou96certified.html}},
}

@Misc{realtime-mix,
   author =      {Anja Jerichow and Jan M\"uller and Andreas Pfitzmann and
                  Birgit Pfitzmann and Michael Waidner}, 
   title =       {{Real-Time MIXes: A Bandwidth-Efficient Anonymity Protocol}},
   howpublished = {IEEE Journal on Selected Areas in Communications, 1998.},
   note =        {\url{http://www.zurich.ibm.com/security/publications/1998.html}},
}

@InProceedings{danezis-pets03,
  author =       {George Danezis},
  title =        {Mix-networks with Restricted Routes},
  booktitle =    {Privacy Enhancing Technologies (PET 2003)},
  year =         2003,
  editor =       {Roger Dingledine},
  publisher =    {Springer-Verlag LNCS 2760}
}

@InProceedings{gap-pets03,
  author =       {Krista Bennett and Christian Grothoff},
  title =        {{GAP} -- practical anonymous networking},
  booktitle =    {Privacy Enhancing Technologies (PET 2003)},
  year =         2003,
  editor =       {Roger Dingledine},
  publisher =    {Springer-Verlag LNCS 2760}
}

@Article{hordes-jcs,
  author =       {Brian Neal Levine and Clay Shields},
  title =        {Hordes: A Multicast-Based Protocol for Anonymity},
  journal =      {Journal of Computer Security},
  year =         2002,
  volume =       10,
  number =       3,
  pages =        {213--240}
}

@TechReport{herbivore,
  author =       {Sharad Goel and Mark Robson and Milo Polte and Emin G\"{u}n Sirer},
  title =        {Herbivore: A Scalable and Efficient Protocol for Anonymous Communication},
  institution =  {Cornell University Computing and Information Science},
  year =         2003,
  type =         {Technical Report},
  number =       {TR2003-1890},
  month =        {February}
}

@InProceedings{p5,
  author =       {Rob Sherwood and Bobby Bhattacharjee and Aravind Srinivasan},
  title =        {$P^5$: A Protocol for Scalable Anonymous Communication},
  booktitle =    {2002 IEEE Symposium on Security and Privacy},
  pages =        {58--70},
  year =         2002,
  publisher =    {IEEE CS}
}

@phdthesis{ian-thesis,
  title = {A Pseudonymous Communications Infrastructure for the Internet}, 
  author = {Ian Goldberg}, 
  school = {UC Berkeley}, 
  year = {2000}, 
  month = {Dec}, 
}

@Article{taz,
  author =       {Ian Goldberg and David Wagner},
  title =        {TAZ Servers and the Rewebber Network: Enabling
                  Anonymous Publishing on the World Wide Web},
  journal =      {First Monday},
  year =         1998,
  volume =       3,
  number =       4,
  month =        {August},
  note =         {\url{http://www.firstmonday.dk/issues/issue3_4/goldberg/}}
}

@Misc{tcp-over-tcp-is-bad,
  key =          {tcp-over-tcp-is-bad},
  title =        {Why {TCP} Over {TCP} Is A Bad Idea},
  author =       {Olaf Titz},
  note =         {\url{http://sites.inka.de/sites/bigred/devel/tcp-tcp.html}}
}

@inproceedings{wright02,
  title = {An Analysis of the Degradation of Anonymous Protocols}, 
  author = {Matthew Wright and Micah Adler and Brian Neil Levine and Clay Shields}, 
  booktitle = {{Network and Distributed Security Symposium (NDSS 02)}}, 
  year = {2002}, 
  month = {February}, 
  publisher = {IEEE}, 
}

@inproceedings{wright03,
  title = {Defending Anonymous Communication Against Passive Logging Attacks}, 
  author = {Matthew Wright and Micah Adler and Brian Neil Levine and Clay Shields}, 
  booktitle = {IEEE Symposium on Security and Privacy}, 
  pages= {28--41},
  year = {2003}, 
  month = {May}, 
  publisher = {IEEE CS}, 
}

@Misc{jap-backdoor,
  author={{The AN.ON Project}},
  howpublished={Press release},
  year={2003},
  month={September},
  title={German Police proceeds against anonymity service},
  note={\url{http://www.datenschutzzentrum.de/material/themen/presse/anon-bka_e.htm}}
}

@article{shsm03,
  title = {Using Caching for Browsing Anonymity}, 
  author = {Anna Shubina and Sean Smith}, 
  journal = {ACM SIGEcom Exchanges}, 
  volume = {4}, 
  number = {2}, 
  year = {2003}, 
  month = {Sept}, 
  www_pdf_url = {http://www.acm.org/sigs/sigecom/exchanges/volume_4_(03)/4.2-Shubina.pdf}, 
  www_section = {Anonymous communication}, 
}

%%% Local Variables: 
%%% mode: latex
%%% TeX-master: "tor-design"
%%% End: