tor/doc/tor-design.bib

@Misc{anonymizer,
  key =		 {anonymizer},
  title =	 {The {Anonymizer}},
  note =	 {\url{http://www.anonymizer.com}}
}

@Misc{anonnet,
  key =		 {anonnet},
  title =	 {{AnonNet}},
  note =	 {\url{http://www.authnet.org/anonnet/}}
}

% can somebody track down the rest of this? -RD
@Misc{castro-liskov,
   author = {Miguel Castro and Barbara Liskov}, 
   title = {Proactive Recovery in a Byzantine-Fault-Tolerant System},
   howpublished = {
     $<$http://www.pmg.lcs.mit.edu/$\tilde{\hspace{5pt}}$castro/application/recovery.pdf$>$},
}

@inproceedings{econymics,
  title = {On the Economics of Anonymity}, 
  author = {Alessandro Acquisti and Roger Dingledine and Paul Syverson}, 
  booktitle = {Financial Cryptography, FC 2003}, 
  year = {2003}, 
  editor = {Rebecca N. Wright}, 
  publisher = {Springer-Verlag, LNCS 2742}, 
  note = {\url{http://freehaven.net/doc/fc03/econymics.pdf}}, 
}

@inproceedings{eternity,
  title = {The Eternity Service}, 
  author = {Ross Anderson}, 
  booktitle = {Proceedings of Pragocrypt '96}, 
  year = {1996}, 
  note =  {\url{http://www.cl.cam.ac.uk/users/rja14/eternity/eternity.html}}, 
}


@inproceedings{minion-design,
  title = {Mixminion: Design of a Type {III} Anonymous Remailer Protocol}, 
  author = {George Danezis and Roger Dingledine and Nick Mathewson}, 
  booktitle = {2003 IEEE Symposium on Security and Privacy}, 
  year = {2003}, 
  month = {May},
  publisher = {IEEE CS},
  pages = {2--15}, 
  note = {\url{http://mixminion.net/minion-design.pdf}}, 
  www_important = {1}, 
  www_section = {Anonymous communication}, 
}

@inproceedings{ rao-pseudonymity,
    author = "Josyula R. Rao and Pankaj Rohatgi",
    title = "Can Pseudonymity Really Guarantee Privacy?",
    booktitle = "Proceedings of the Ninth USENIX Security Symposium",
    year = {2000},
    month = Aug,
    publisher = {USENIX},
    pages = "85--96",
    note = {\url{http://www.usenix.org/publications/library/proceedings/sec2000/
full_papers/rao/rao.pdf}},
}

@InProceedings{pfitzmann90how,
    author = "Birgit Pfitzmann and Andreas Pfitzmann",
    title = "How to Break the Direct {RSA}-Implementation of {MIXes}",
    booktitle = {Eurocrypt 89},
    publisher = {Springer-Verlag, LNCS 434},
    year = {1990},
    note = {\url{http://citeseer.nj.nec.com/pfitzmann90how.html}},
}

%   author =      {Roger Dingledine and Nick Mathewson},
@Misc{tor-spec,
   author =      {Anonymized},
   title =       {Tor Protocol Specifications},
   note =        {\url{http://freehaven.net/tor/tor-spec.txt}},
}

@InProceedings{BM:mixencrypt,
  author =       {M{\"o}ller, Bodo},
  title =        {Provably Secure Public-Key Encryption for Length-Preserving Chaumian Mixes},
  booktitle =    {{CT-RSA} 2003},
  publisher =    {Springer-Verlag, LNCS 2612},
  year =         2003,
}

% Would a more recent reference for SPRPs be more useful?
@Article{sprp,
   author =      {Michael Luby and Charles Rackoff},
   title =       {How to Construct Pseudorandom Permutations from
                  Pseudorandom Functions},
   journal =     {SIAM Journal on Computing},
   year =        {1988},
   volume =      {17},
   number =      {2},
   pages =       {373--386},
}

@InProceedings{back01,
  author =       {Adam Back and Ulf M\"oller and Anton Stiglic},
  title =        {Traffic Analysis Attacks and Trade-Offs in Anonymity Providing Systems},
  booktitle =    {Information Hiding (IH 2001)},
  pages =        {245--257},
  year =         2001,
  editor =       {Ira S. Moskowitz},
  publisher =    {Springer-Verlag, LNCS 2137},
  note =         {\newline \url{http://www.cypherspace.org/adam/pubs/traffic.pdf}},
}

@InProceedings{rackoff93cryptographic,
   author =      {Charles Rackoff and Daniel R. Simon},
   title =       {Cryptographic Defense Against Traffic Analysis},
   booktitle =   {{ACM} Symposium on Theory of Computing},
   pages =       {672--681},
   year =        {1993},
   note =        {\url{http://research.microsoft.com/crypto/dansimon/me.htm}},
}

@InProceedings{freehaven-berk,
   author =      {Roger Dingledine and Michael J. Freedman and David Molnar},
   title =       {The Free Haven Project: Distributed Anonymous Storage Service},
   booktitle =   {Designing Privacy Enhancing Technologies: Workshop
                  on Design Issue in Anonymity and Unobservability},
   year =        {2000},
   month =       {July},
   editor =      {H. Federrath},
   publisher =   {Springer-Verlag, LNCS 2009},
   note =        {\url{http://freehaven.net/papers.html}},
}

@InProceedings{raymond00,
  author =       {J. F. Raymond},
  title =        {{Traffic Analysis: Protocols, Attacks, Design Issues,
                  and Open Problems}}, 
  booktitle =    {Designing Privacy Enhancing Technologies: Workshop
                  on Design Issue in Anonymity and Unobservability},  
  year =         2000,
  month =        {July},
  pages =        {10-29},
  editor =       {H. Federrath},
  publisher =    {Springer-Verlag, LNCS 2009},
}

@InProceedings{trickle02,
  author =       {Andrei Serjantov and Roger Dingledine and Paul Syverson},
  title =        {From a Trickle to a Flood: Active Attacks on Several
                  Mix Types},
  booktitle =    {Information Hiding (IH 2002)},
  year =         {2002},
  editor =       {Fabien Petitcolas},
  publisher =    {Springer-Verlag, LNCS 2578},
}

@InProceedings{langos02,
  author =      {Oliver Berthold and Heinrich Langos},
  title =       {Dummy Traffic Against Long Term Intersection Attacks},
  booktitle =    {Privacy Enhancing Technologies (PET 2002)},
  year =         {2002},
  editor =       {Roger Dingledine and Paul Syverson},
  publisher =    {Springer-Verlag, LNCS 2482}
}

@InProceedings{or-discex00,
   author =      {Paul Syverson and Michael Reed and David Goldschlag},
   title =       {{O}nion {R}outing Access Configurations},
   booktitle =   {DARPA Information Survivability Conference and
                  Exposition (DISCEX 2000)}, 
   year =        {2000},
   publisher =   {IEEE CS Press},
   pages =       {34--40},
   volume =      {1},
   note =        {\newline \url{http://www.onion-router.net/Publications.html}},
}

@Inproceedings{or-pet00,
  title =        {{Towards an Analysis of Onion Routing Security}},
  author =       {Paul Syverson and Gene Tsudik and Michael Reed and
                  Carl Landwehr}, 
  booktitle =    {Designing Privacy Enhancing Technologies: Workshop
                  on Design Issue in Anonymity and Unobservability},
  year =         2000,
  month =        {July},
  pages =        {96--114},
  editor =       {H. Federrath},
  publisher =    {Springer-Verlag, LNCS 2009},
  note =         {\url{http://www.onion-router.net/Publications/WDIAU-2000.ps.gz}},
}

@Inproceedings{freenet-pets00,
  title =        {Freenet: A Distributed Anonymous Information Storage
    and Retrieval System}, 
  author =       {Ian Clarke and Oskar Sandberg and Brandon Wiley and
    Theodore W. Hong},  
  booktitle =    {Designing Privacy Enhancing Technologies: Workshop
                  on Design Issue in Anonymity and Unobservability},
  year =         2000,
  month =        {July},
  pages =        {46--66},
  editor =       {H. Federrath},
  publisher =    {Springer-Verlag, LNCS 2009},
  note =         {\url{http://citeseer.nj.nec.com/clarke00freenet.html}},
}


@InProceedings{or-ih96,
  author = 	 {David M. Goldschlag and Michael G. Reed and Paul
                  F. Syverson}, 
  title = 	 {Hiding Routing Information},
  booktitle = 	 {Information Hiding, First International Workshop},
  pages =	 {137--150},
  year =	 1996,
  editor =	 {R. Anderson},
  month =	 {May},
  publisher =	 {Springer-Verlag, LNCS 1174},
  note =	 {\url{http://www.onion-router.net/Publications/IH-1996.ps.gz}}
}

@Article{or-jsac98,
  author = 	 {Michael G. Reed and Paul F. Syverson and David
                  M. Goldschlag}, 
  title = 	 {Anonymous Connections and Onion Routing},
  journal = 	 {IEEE Journal on Selected Areas in Communications},
  year = 	 1998,
  volume =	 16,
  number =	 4,
  pages =	 {482--494},
  month =	 {May},
  note =	 {\url{http://www.onion-router.net/Publications/JSAC-1998.ps.gz}}
}

@Misc{TLS,
   author =      {T. Dierks and C. Allen},
   title =       {The {TLS} {P}rotocol --- {V}ersion 1.0},
   howpublished = {IETF RFC 2246},
   month =       {January},
   year =        {1999},
   note =        {\url{http://www.rfc-editor.org/rfc/rfc2246.txt}},
}

@Misc{SMTP,
   author =      {J. Postel},
   title =       {Simple {M}ail {T}ransfer {P}rotocol},
   howpublished = {IETF RFC 2821 (also STD0010)},
   month =       {April},
   year =        {2001},
   note =        {\url{http://www.rfc-editor.org/rfc/rfc2821.txt}},
}

@Misc{IMAP,
   author =      {M. Crispin},
   title =       {Internet {M}essage {A}ccess {P}rotocol --- {V}ersion 4rev1},
   howpublished = {IETF RFC 2060},
   month =       {December},
   year =        {1996},
   note =        {\url{http://www.rfc-editor.org/rfc/rfc2060.txt}},
}

@misc{pipenet,
  title = {PipeNet 1.1}, 
  author = {Wei Dai}, 
  year = 1996, 
  month = {August}, 
  howpublished = {Usenet post}, 
  note = {\url{http://www.eskimo.com/~weidai/pipenet.txt} First mentioned
      in a post to the cypherpunks list, Feb.\ 1995.}, 
}


@Misc{POP3,
   author =      {J. Myers and M. Rose},
   title =       {Post {O}ffice {P}rotocol --- {V}ersion 3},
   howpublished = {IETF RFC 1939 (also STD0053)},
   month =       {May},
   year =        {1996},
   note =        {\url{http://www.rfc-editor.org/rfc/rfc1939.txt}},
}


@InProceedings{shuffle,
   author =      {C. Andrew Neff},
   title =       {A Verifiable Secret Shuffle and its Application to E-Voting},
   booktitle =    {8th ACM Conference on Computer and Communications
                  Security (CCS-8)},
   pages =       {116--125},
   year =        2001,
   editor =      {P. Samarati},
   month =       {November},
   publisher =   {ACM Press},
   note =        {\url{http://www.votehere.net/ada_compliant/ourtechnology/
                       technicaldocs/shuffle.pdf}},
}

@InProceedings{dolev91,
   author =      {Danny Dolev and Cynthia Dwork and Moni Naor},
   title =       {Non-Malleable Cryptography},
   booktitle =   {23rd ACM Symposium on the Theory of Computing (STOC)},
   pages =       {542--552},
   year =        1991,
   note =        {Updated version at
                  \url{http://citeseer.nj.nec.com/dolev00nonmalleable.html}},
}

@TechReport{rsw96,
   author =      {Ronald L. Rivest and Adi Shamir and David A. Wagner},
   title =       {Time-lock puzzles and timed-release Crypto},
   year =        1996,
   type =        {MIT LCS technical memo},
   number =      {MIT/LCS/TR-684},
   month =       {February},
   note =        {\newline \url{http://citeseer.nj.nec.com/rivest96timelock.html}},
}

@InProceedings{web-mix,
   author =      {Oliver Berthold and Hannes Federrath and Stefan K\"opsell},
   title =       {Web {MIX}es: A system for anonymous and unobservable
                  {I}nternet access}, 
  booktitle =    {Designing Privacy Enhancing Technologies: Workshop
                  on Design Issue in Anonymity and Unobservability},
   editor =       {H. Federrath},
   publisher =    {Springer-Verlag, LNCS 2009},
   pages =       {115--129},
   year =        2000,
}

@InProceedings{disad-free-routes,
   author =      {Oliver Berthold and Andreas Pfitzmann and Ronny Standtke},
   title =       {The disadvantages of free {MIX} routes and how to overcome
                  them}, 
   booktitle =   {Designing Privacy Enhancing Technologies: Workshop
                  on Design Issue in Anonymity and Unobservability},
   pages =       {30--45},
   year =        2000,
   editor =       {H. Federrath},
   publisher =    {Springer-Verlag, LNCS 2009},
   note =        {\url{http://www.tik.ee.ethz.ch/~weiler/lehre/netsec/Unterlagen/anon/
                       disadvantages_berthold.pdf}},
}

@InProceedings{boneh00,
   author =      {Dan Boneh and Moni Naor},
   title =       {Timed Commitments},
   booktitle =   {Advances in Cryptology -- {CRYPTO} 2000},
   pages =       {236--254},
   year =        2000,
   publisher =   {Springer-Verlag, LNCS 1880},
   note =        {\newline \url{http://crypto.stanford.edu/~dabo/abstracts/timedcommit.html}},
}

@InProceedings{goldschlag98,
   author =      {David M. Goldschlag and Stuart G. Stubblebine},
   title =       {Publicly Verifiable Lotteries: Applications of
                  Delaying Functions},
   booktitle =   {Financial Cryptography, FC'98},
   pages =       {214--226},
   year =        1998,
   publisher =   {Springer-Verlag, LNCS 1465},
   note =        {\newline \url{http://citeseer.nj.nec.com/goldschlag98publicly.html}},
}

@InProceedings{syverson98,
   author =      {Paul Syverson},
   title =       {Weakly Secret Bit Commitment: Applications to
                  Lotteries and Fair Exchange},
   booktitle =   {Computer Security Foundations Workshop (CSFW11)},
   pages =       {2--13},
   year =        1998,
   address =     {Rockport Massachusetts},
   month =       {June},
   publisher =   {IEEE CS Press},
   note =        {\newline \url{http://chacs.nrl.navy.mil/publications/CHACS/1998/}},
}

@Misc{shoup-iso,
   author =      {Victor Shoup},
   title =       {A Proposal for an {ISO} {S}tandard for Public Key Encryption (version 2.1)},
   note =        {Revised December 20, 2001. \url{http://www.shoup.net/papers/}},
}

@Misc{shoup-oaep,
   author =      {Victor Shoup},
   title =       {{OAEP} Reconsidered},
   howpublished = {{IACR} e-print 2000/060},
   note =        {\newline \url{http://eprint.iacr.org/2000/060/}},
}

@Misc{oaep-still-alive,
   author =      {E. Fujisaki and D. Pointcheval and T. Okamoto and J. Stern},
   title =       {{RSA}-{OAEP} is Still Alive!},
   howpublished = {{IACR} e-print 2000/061},
   note =        {\newline \url{http://eprint.iacr.org/2000/061/}},
}

@misc{echolot,
  author = {Peter Palfrader},
  title = {Echolot: a pinger for anonymous remailers},
  note = {\url{http://www.palfrader.org/echolot/}},
}

@Misc{mixmaster-attacks,
   author =      {Lance Cottrell},
   title =       {Mixmaster and Remailer Attacks},
   note =        {\url{http://www.obscura.com/~loki/remailer/remailer-essay.html}},
}

@Misc{mixmaster-spec,
   author =      {Ulf M{\"o}ller and Lance Cottrell and Peter
                  Palfrader and Len Sassaman}, 
   title =       {Mixmaster {P}rotocol --- {V}ersion 2},
   year =        {2003},
   month =       {July},
   howpublished = {Draft},
   note =        {\url{http://www.abditum.com/mixmaster-spec.txt}},
}

@Article{mitzenm-loss,
   author =      {G. Louth and M. Mitzenmacher and F.P. Kelly},
   title =       {Computational Complexity of Loss Networks},
   journal =     {Theoretical Computer Science},
   year =        {1994},
   volume =      {125},
   pages =       {45-59},
   note =        {\newline \url{http://citeseer.nj.nec.com/louth94computational.html}},
}

@Misc{hashcash,
   author =      {Adam Back},
   title =       {Hash cash},
   note =        {\newline \url{http://www.cypherspace.org/~adam/hashcash/}},
}

@InProceedings{oreilly-acc,
   author =      {Roger Dingledine and Michael J. Freedman and David Molnar},
   title =       {Accountability},
   booktitle =   {Peer-to-peer: Harnessing the Benefits of a Disruptive 
                  Technology},
   year =        {2001},
   publisher =   {O'Reilly and Associates},
}


@InProceedings{han,
   author =      {Yongfei Han},
   title =       {Investigation of non-repudiation protocols},
   booktitle =   {ACISP '96},
   year =        1996,
   publisher =   {Springer-Verlag},
}


@Misc{socks5,
  key =		 {socks5},
  title =	 {{SOCKS} {P}rotocol {V}ersion 5},
  howpublished=  {IETF RFC 1928},
  month =	 {March},
  year =	 1996,
  note =	 {\url{http://www.ietf.org/rfc/rfc1928.txt}}
}

@InProceedings{abe,
   author =      {Masayuki Abe},
   title =       {Universally Verifiable {MIX} With Verification Work Independent of
                  The Number of {MIX} Servers},
   booktitle =   {{EUROCRYPT} 1998},
   year =        {1998},
   publisher =   {Springer-Verlag, LNCS 1403},
}

@InProceedings{desmedt,
   author =      {Yvo Desmedt and Kaoru Kurosawa},
   title =       {How To Break a Practical {MIX} and Design a New One},
   booktitle =   {{EUROCRYPT} 2000},
   year =        {2000},
   publisher =   {Springer-Verlag, LNCS 1803},
   note =        {\url{http://citeseer.nj.nec.com/447709.html}},
}

@InProceedings{mitkuro,
   author =      {M. Mitomo and K. Kurosawa},
   title =       {{Attack for Flash MIX}},
   booktitle =   {{ASIACRYPT} 2000},
   year =        {2000},
   publisher =   {Springer-Verlag, LNCS 1976},
   note =        {\newline \url{http://citeseer.nj.nec.com/450148.html}},
}

@InProceedings{hybrid-mix,
   author =      {M. Ohkubo and M. Abe},
   title =       {A {L}ength-{I}nvariant {H}ybrid {MIX}},
   booktitle =   {Advances in Cryptology - {ASIACRYPT} 2000},
   year =        {2000},
   publisher =   {Springer-Verlag, LNCS 1976},
}

@InProceedings{PShuffle,
  author = {Jun Furukawa and Kazue Sako},
  title = {An Efficient Scheme for Proving a Shuffle},
  editor    = {Joe Kilian},
  booktitle = {CRYPTO 2001},
  year      = {2001},
  publisher = {Springer-Verlag, LNCS 2139},
}


@InProceedings{jakobsson-optimally,
  author = "Markus Jakobsson and Ari Juels",
  title = "An Optimally Robust Hybrid Mix Network (Extended Abstract)",
  booktitle =   {Principles of Distributed Computing - {PODC} '01},
  year = "2001",
  publisher =   {ACM Press},
  note = {\url{http://citeseer.nj.nec.com/492015.html}},
}

@InProceedings{kesdogan,
   author =      {D. Kesdogan and M. Egner and T. B\"uschkes},
   title =       {Stop-and-Go {MIX}es Providing Probabilistic Anonymity in an Open 
                  System},
   booktitle =   {Information Hiding (IH 1998)},
   year =        {1998},
   publisher =   {Springer-Verlag, LNCS 1525},
   note =        {\url{http://www.cl.cam.ac.uk/~fapp2/ihw98/ihw98-sgmix.pdf}},
}



@InProceedings{socks4,
  author = 	 {David Koblas and Michelle R. Koblas},
  title = 	 {{SOCKS}},
  booktitle = 	 {UNIX Security III Symposium (1992 USENIX Security
                  Symposium)}, 
  pages =	 {77--83},
  year =	 1992,
  publisher =	 {USENIX},
}

@InProceedings{flash-mix,
   author =      {Markus Jakobsson},
   title =       {Flash {M}ixing},
   booktitle =   {Principles of Distributed Computing - {PODC} '99},
   year =        {1999},
   publisher =   {ACM Press},
   note =        {\newline \url{http://citeseer.nj.nec.com/jakobsson99flash.html}},
}

@InProceedings{SK,
   author =      {Joe Kilian and Kazue Sako},
   title =       {Receipt-Free {MIX}-Type Voting Scheme - A Practical Solution to
                  the Implementation of a Voting Booth},
   booktitle =   {EUROCRYPT '95},
   year =        {1995},
   publisher =   {Springer-Verlag},
}

@InProceedings{OAEP,
   author =      {M. Bellare and P. Rogaway},
   year =        {1994},
   booktitle =   {EUROCRYPT '94},
   title =       {Optimal {A}symmetric {E}ncryption {P}adding : How To Encrypt With
                  {RSA}},
   publisher =   {Springer-Verlag},
   note =        {\newline \url{http://www-cse.ucsd.edu/users/mihir/papers/oaep.html}},
}
@inproceedings{babel,
  title = {Mixing {E}-mail With {B}abel}, 
  author = {Ceki G\"ulc\"u and Gene Tsudik}, 
  booktitle = {Proceedings of the Network and Distributed Security Symposium - {NDSS} '96}, 
  year = 1996, 
  month = {February}, 
  pages = {2--16}, 
  publisher = {IEEE}, 
  www_important = 1, 
  note = {\url{http://citeseer.nj.nec.com/2254.html}}, 
  www_section = {Anonymous communication}, 
}

@InProceedings{freenet,
   author =      {Ian Clarke and Oskar Sandberg and Brandon Wiley and Theodore W. Hong},
   title =       {Freenet: {A} Distributed Anonymous Information Storage and Retrieval 
                  System},
   booktitle =   {Workshop on Design Issues in Anonymity and Unobservability},
   pages =       {46--66},
   year =        {2000},
   note =        {\newline \url{http://citeseer.nj.nec.com/clarke00freenet.html}},
}

@Misc{rprocess,
   author =      {RProcess},
   title =       {Selective Denial of Service Attacks},
   note =        {\newline \url{http://www.eff.org/pub/Privacy/Anonymity/1999\_09\_DoS\_remail\_vuln.html}},
}

@Article{remailer-history,
  author = {Sameer Parekh},
  title = {Prospects for Remailers},
  journal = {First Monday},
  volume = {1},
  number = {2},
  month = {August},
  year = {1996},
  note = {\url{http://www.firstmonday.dk/issues/issue2/remailers/}},
}

@Article{chaum-mix,
   author =      {David Chaum},
   title =       {Untraceable electronic mail, return addresses, and digital pseudo-nyms},
   journal =     {Communications of the ACM},
   year =        {1981},
   volume =      {4},
   number =      {2},
   month =       {February},
   note =        {\url{http://www.eskimo.com/~weidai/mix-net.txt}},
}

@InProceedings{nym-alias-net,
  author =       {David Mazi\`{e}res and M. Frans Kaashoek}, 
  title =        {{The Design, Implementation and Operation of an Email
                  Pseudonym Server}},
  booktitle =    {$5^{th}$ ACM Conference on Computer and
                  Communications Security (CCS'98)},
  year =         1998,
  publisher =    {ACM Press},
  note =        {\newline \url{http://www.scs.cs.nyu.edu/~dm/}},
}



@InProceedings{tangler,
  author = 	 {Marc Waldman and David Mazi\`{e}res},
  title = 	 {Tanger: A Censorship-Resistant Publishing System
                  Based on Document Entanglements}, 
  booktitle = 	 {$8^{th}$ ACM Conference on Computer and
                  Communications Security (CCS-8)},
  pages =	 {86--135},
  year =	 2001,
  publisher =	 {ACM Press},
  note =	 {\url{http://www.scs.cs.nyu.edu/~dm/}}
}

@misc{neochaum,
   author =      {Tim May},
   title =       {Payment mixes for anonymity}, 
   howpublished = {E-mail archived at
                  \url{http://\newline www.inet-one.com/cypherpunks/dir.2000.02.28-2000.03.05/msg00334.html}},
}

@misc{helsingius, 
   author =      {J. Helsingius},
   title =       {{\tt anon.penet.fi} press release}, 
   note =        {\newline \url{http://www.penet.fi/press-english.html}},
}

@InProceedings{garay97secure,
   author =      {J. Garay and R. Gennaro and C. Jutla and T. Rabin},
   title =       {Secure distributed storage and retrieval},
   booktitle =   {11th International Workshop, WDAG '97},
   pages =       {275--289},
   year =        {1997},
   publisher =   {Springer-Verlag, LNCS 1320},
   note =        {\newline \url{http://citeseer.nj.nec.com/garay97secure.html}},
}

@InProceedings{PIK,
   author =      {C. Park and K. Itoh and K. Kurosawa},
   title =       {Efficient anonymous channel and all/nothing election scheme},
   booktitle =   {Advances in Cryptology -- {EUROCRYPT} '93},
   pages =       {248--259},
   publisher =   {Springer-Verlag, LNCS 765},
}

@Misc{pgpfaq,
   key =         {PGP},
   title =       {{PGP} {FAQ}},
   note =        {\newline \url{http://www.faqs.org/faqs/pgp-faq/}},
}

@Article{riordan-schneier,
   author =      {James Riordan and Bruce Schneier},
   title =       {A Certified E-mail Protocol with No Trusted Third Party},
   journal =     {13th Annual Computer Security Applications Conference},
   month =       {December},
   year =        {1998},
   note =        {\newline \url{http://www.counterpane.com/certified-email.html}},
}


@Article{crowds-tissec,
  author = 	 {Michael K. Reiter and Aviel D. Rubin},
  title = 	 {Crowds: Anonymity for Web Transactions},
  journal = 	 {ACM TISSEC},
  year = 	 1998,
  volume =	 1,
  number =	 1,
  pages =	 {66--92},
  month =	 {November},
  note =	 {\url{http://citeseer.nj.nec.com/284739.html}}
}

@Article{crowds-dimacs,
   author =      {Michael K. Reiter and Aviel D. Rubin},
   title =       {Crowds: Anonymity for Web Transactions},
   journal =     {{DIMACS} Technical Report (Revised)},
   volume =      {97},
   number =      {15},
   month =       {August},
   year =        {1997},
}

@Misc{advogato,
   author =      {Raph Levien}, 
   title =       {Advogato's Trust Metric},
   note =        {\newline \url{http://www.advogato.org/trust-metric.html}},
}

@InProceedings{publius,
   author =      {Marc Waldman and Aviel Rubin and Lorrie Cranor}, 
   title =       {Publius: {A} robust, tamper-evident, censorship-resistant and
                  source-anonymous web publishing system},
   booktitle =   {Proc. 9th USENIX Security Symposium},
   pages =       {59--72},
   year =        {2000},
   month =       {August},
   note =        {\newline \url{http://citeseer.nj.nec.com/waldman00publius.html}},
}

@Misc{freedom-nyms,
   author =      {Russell Samuels},
   title =       {Untraceable Nym Creation on the {F}reedom {N}etwork},
   year =        {1999},
   month =       {November},
   day =         {21},
   note =        {\newline \url{http://www.freedom.net/products/whitepapers/white11.html}},
}

@techreport{freedom2-arch,
  title = {Freedom Systems 2.0 Architecture}, 
  author = {Philippe Boucher and Adam Shostack and Ian Goldberg}, 
  institution = {Zero Knowledge Systems, {Inc.}}, 
  year = {2000}, 
  month = {December}, 
  type = {White Paper}, 
  day = {18}, 
}

@techreport{freedom21-security,
  title = {Freedom Systems 2.1 Security Issues and Analysis}, 
  author = {Adam Back and Ian Goldberg and Adam Shostack}, 
  institution = {Zero Knowledge Systems, {Inc.}}, 
  year = {2001}, 
  month = {May}, 
  type = {White Paper}, 
}

@inproceedings{cfs:sosp01,
  title = {Wide-area cooperative storage with {CFS}},
  author = {Frank Dabek and M. Frans Kaashoek and David Karger and Robert Morris and Ion Stoica},
  booktitle = {Proceedings of the 18th {ACM} {S}ymposium on {O}perating {S}ystems {P}rinciples ({SOSP} '01)},
  year = {2001},
  month = {October},
  address = {Chateau Lake Louise, Banff, Canada},
}

@inproceedings{SS03,
  title = {Passive Attack Analysis for Connection-Based Anonymity Systems}, 
  author = {Andrei Serjantov and Peter Sewell}, 
  booktitle = {Computer Security -- ESORICS 2003}, 
  publisher =   {Springer-Verlag, LNCS (forthcoming)},
  year = {2003}, 
  month = {October}, 
  note = {\url{http://www.cl.cam.ac.uk/users/aas23/papers_aas/conn_sys.ps}},
}

@Article{raghavan87randomized,
   author =      {P. Raghavan and C. Thompson},
   title =       {Randomized rounding: A technique for provably good algorithms and algorithmic proofs},
   journal =     {Combinatorica},
   volume =      {7},
   pages =       {365--374},
   year =        {1987},
}

@InProceedings{leighton91fast,
   author =      {Frank Thomson Leighton and Fillia Makedon and Serge A. Plotkin and
                  Clifford Stein and Eva Tardos and Spyros Tragoudas},
   title =       {Fast Approximation Algorithms for Multicommodity Flow Problems},
   booktitle =   {{ACM} Symposium on Theory of Computing},
   pages =       {101-111},
   year =        {1991},
   note =        {\newline \url{http://citeseer.nj.nec.com/91073.html}},
}

@Misc{pk-relations,
   author =      {M. Bellare and A. Desai and D. Pointcheval and P. Rogaway},
   title =       {Relations Among Notions of Security for Public-Key Encryption
                  Schemes},
   howpublished = {
                  Extended abstract in {\em Advances in Cryptology - CRYPTO '98}, LNCS Vol. 1462.
                  Springer-Verlag, 1998.
                  Full version available from \newline \url{http://www-cse.ucsd.edu/users/mihir/}},
}


@InProceedings{mix-acc, 
  author =      {Roger Dingledine and Michael J. Freedman and David
                  Hopwood and David Molnar},
  title =       {{A Reputation System to Increase MIX-net
                  Reliability}},
  booktitle =   {Information Hiding (IH 2001)},
  pages =       {126--141},
  year =        2001,
  editor =      {Ira S. Moskowitz},
  publisher =   {Springer-Verlag, LNCS 2137},
  note =        {\url{http://www.freehaven.net/papers.html}},
}

@InProceedings{casc-rep,
   author =      {Roger Dingledine and Paul Syverson},
   title =       {{Reliable MIX Cascade Networks through Reputation}},
  booktitle =    {Financial Cryptography (FC '02)},
  year =         2002,
  editor =       {Matt Blaze},
  publisher =    {Springer-Verlag, LNCS 2357},
  note =        {\newline \url{http://www.freehaven.net/papers.html}},
}

@InProceedings{zhou96certified,
   author =      {Zhou and Gollmann},
   title =       {Certified Electronic Mail},
   booktitle =   {{ESORICS: European Symposium on Research in Computer
                  Security}},
   publisher =   {Springer-Verlag, LNCS 1146},
   year =        {1996},
   note =        {\newline \url{http://citeseer.nj.nec.com/zhou96certified.html}},
}

@Misc{realtime-mix,
   author =      {Anja Jerichow and Jan M\"uller and Andreas Pfitzmann and
                  Birgit Pfitzmann and Michael Waidner}, 
   title =       {{Real-Time MIXes: A Bandwidth-Efficient Anonymity Protocol}},
   howpublished = {IEEE Journal on Selected Areas in Communications, 1998.},
   note =        {\url{http://www.zurich.ibm.com/security/publications/1998.html}},
}

@InProceedings{BEAR-LIONESS,
    author =     {Ross Anderson and Eli Biham},
    title =      {Two Practical and Provably Secure Block Ciphers: {BEAR} and {LION}},
    booktitle =  {International Workshop on Fast Software Encryption},
    year =       {1996},
    publisher =  {Springer-Verlag},
    note =       {\url{http://citeseer.nj.nec.com/anderson96two.html}},
}

@Misc{SPC,
    author =     {Daniel Bleichenbacher and Anand Desai},
    title =      {A Construction of a Super-Pseudorandom Cipher},
    howpublished = {Manuscript},
}


@InProceedings{danezis-pets03,
  author = 	 {George Danezis},
  title = 	 {Mix-networks with Restricted Routes},
  booktitle = 	 {Privacy Enhancing Technologies (PET 2003)},
  year =	 2003,
  editor =	 {Roger Dingledine},
  publisher =	 {Springer-Verlag LNCS 2760}
}

@InProceedings{gap-pets03,
  author = 	 {Krista Bennett and Christian Grothoff},
  title = 	 {{GAP} -- practical anonymous networking},
  booktitle = 	 {Privacy Enhancing Technologies (PET 2003)},
  year =	 2003,
  editor =	 {Roger Dingledine},
  publisher =	 {Springer-Verlag LNCS 2760}
}

@Article{hordes-jcs,
  author = 	 {Brian Neal Levine and Clay Shields},
  title = 	 {Hordes: A Multicast-Based Protocol for Anonymity},
  journal = 	 {Journal of Computer Security},
  year = 	 2002,
  volume =	 10,
  number =	 3,
  pages =	 {213--240}
}

@TechReport{herbivore,
  author = 	 {Sharad Goel and Mark Robson and Milo Polte and Emin G\"{u}n Sirer},
  title = 	 {Herbivore: A Scalable and Efficient Protocol for Anonymous Communication},
  institution =  {Cornell University Computing and Information Science},
  year = 	 2003,
  type =	 {Technical Report},
  number =	 {TR2003-1890},
  month =	 {February}
}

@InProceedings{p5,
  author = 	 {Rob Sherwood and Bobby Bhattacharjee and Aravind Srinivasan},
  title = 	 {$P^5$: A Protocol for Scalable Anonymous Communication},
  booktitle = 	 {2002 IEEE Symposium on Security and Privacy},
  pages =	 {58--70},
  year =	 2002,
  publisher =	 {IEEE CS}
}

@phdthesis{ian-thesis,
  title = {A Pseudonymous Communications Infrastructure for the Internet}, 
  author = {Ian Goldberg}, 
  school = {UC Berkeley}, 
  year = {2000}, 
  month = {December}, 
}

@Article{taz,
  author = 	 {Ian Goldberg and David Wagner},
  title = 	 {TAZ Servers and the Rewebber Network: Enabling
                  Anonymous Publishing on the World Wide Web},
  journal = 	 {First Monday},
  year = 	 1998,
  volume =	 3,
  number =	 4,
  month =	 {August},
  note =	 {\url{http://www.firstmonday.dk/issues/issue3_4/goldberg/}}
}

@inproceedings{wright02,
  title = {An Analysis of the Degradation of Anonymous Protocols}, 
  author = {Matthew Wright and Micah Adler and Brian Neil Levine and Clay Shields}, 
  booktitle = {Proceedings of the Network and Distributed Security Symposium - {NDSS} '02}, 
  year = {2002}, 
  month = {February}, 
  publisher = {IEEE}, 
}

@inproceedings{wright03,
  title = {Defending Anonymous Communication Against Passive Logging Attacks}, 
  author = {Matthew Wright and Micah Adler and Brian Neil Levine and Clay Shields}, 
  booktitle = {2003 IEEE Symposium on Security and Privacy}, 
  pages= {28--41},
  year = {2003}, 
  month = {May}, 
  publisher = {IEEE CS}, 
}

%%% Local Variables: 
%%% mode: latex
%%% TeX-master: "tor-design"
%%% End: