{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,5,6]],"date-time":"2026-05-06T10:57:51Z","timestamp":1778065071241,"version":"3.51.4"},"publisher-location":"Berlin, Heidelberg","reference-count":23,"publisher":"Springer Berlin Heidelberg","isbn-type":[{"value":"9783540281146","type":"print"},{"value":"9783540318705","type":"electronic"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2005]]},"DOI":"10.1007\/11535218_11","type":"book-chapter","created":{"date-parts":[[2010,12,20]],"date-time":"2010-12-20T13:20:34Z","timestamp":1292851234000},"page":"169-187","source":"Crossref","is-referenced-by-count":91,"title":["A Formal Treatment of Onion Routing"],"prefix":"10.1007","author":[{"given":"Jan","family":"Camenisch","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Anna","family":"Lysyanskaya","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"297","reference":[{"key":"11_CR1","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"336","DOI":"10.1007\/978-3-540-24638-1_19","volume-title":"Theory of Cryptography","author":"M. Backes","year":"2004","unstructured":"Backes, M., Pfitzmann, B., Waidner, M.: A general composition theorem for secure reactive systems. In: Naor, M. (ed.) TCC 2004. LNCS, vol.\u00a02951, pp. 336\u2013354. Springer, Heidelberg (2004)"},{"key":"11_CR2","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"30","DOI":"10.1007\/3-540-44702-4_3","volume-title":"Designing Privacy Enhancing Technologies","author":"O. Berthold","year":"2001","unstructured":"Berthold, O., Pfitzmann, A., Standtke, R.: The disadvantages of free MIX routes and how to overcome them. In: Federrath, H. (ed.) Designing Privacy Enhancing Technologies. LNCS, vol.\u00a02009, pp. 30\u201345. Springer, Heidelberg (2001)"},{"key":"11_CR3","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"126","DOI":"10.1007\/978-3-540-45146-4_8","volume-title":"Advances in Cryptology - CRYPTO 2003","author":"J. Camenisch","year":"2003","unstructured":"Camenisch, J., Shoup, V.: Practical verifiable encryption and decryption of discrete logarithms. In: Boneh, D. (ed.) CRYPTO 2003. LNCS, vol.\u00a02729, pp. 126\u2013144. Springer, Heidelberg (2003)"},{"key":"11_CR4","doi-asserted-by":"crossref","unstructured":"Canetti, R.: Universally composable security: A new paradigm for cryptographic protocols. In: Proc. 42nd IEEE Symposium on Foundations of Computer Science (FOCS), pp. 136\u2013145 (2001)","DOI":"10.1109\/SFCS.2001.959888"},{"key":"11_CR5","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"255","DOI":"10.1007\/3-540-39200-9_16","volume-title":"Advances in Cryptology \u2013 EUROCRPYT 2003","author":"R. Canetti","year":"2003","unstructured":"Canetti, R., Halevi, S., Katz, J.: A forward-secure public-key encryption scheme. In: Biham, E. (ed.) EUROCRYPT 2003. LNCS, vol.\u00a02656, pp. 255\u2013271. Springer, Heidelberg (2003)"},{"issue":"2","key":"11_CR6","doi-asserted-by":"publisher","first-page":"84","DOI":"10.1145\/358549.358563","volume":"24","author":"D. Chaum","year":"1981","unstructured":"Chaum, D.: Untraceable electronic mail, return addresses, and digital pseudonyms. Communications of the ACM\u00a024(2), 84\u201388 (1981)","journal-title":"Communications of the ACM"},{"issue":"10","key":"11_CR7","doi-asserted-by":"publisher","first-page":"1030","DOI":"10.1145\/4372.4373","volume":"28","author":"D. Chaum","year":"1985","unstructured":"Chaum, D.: Security without identification: Transaction systems to make big brother obsolete. Communications of the ACM\u00a028(10), 1030\u20131044 (1985)","journal-title":"Communications of the ACM"},{"key":"11_CR8","doi-asserted-by":"publisher","first-page":"65","DOI":"10.1007\/BF00206326","volume":"1","author":"D. Chaum","year":"1988","unstructured":"Chaum, D.: The dining cryptographers problem: Unconditional sender and recipient untraceability. Journal of Cryptology\u00a01, 65\u201375 (1988)","journal-title":"Journal of Cryptology"},{"key":"11_CR9","doi-asserted-by":"crossref","unstructured":"Danezis, G.: The traffic analysis of continuous-time mixes. In: Privacy Enhancing Technologies, PET (2004)","DOI":"10.1007\/11423409_3"},{"key":"11_CR10","doi-asserted-by":"crossref","unstructured":"Dingledine, R., Mathewson, N., Syverson, P.F.: Tor: The second-generation onion router. In: USENIX Security Symposium, pp. 303\u2013320. USENIX (2004)","DOI":"10.21236\/ADA465464"},{"key":"11_CR11","doi-asserted-by":"crossref","unstructured":"Dolev, D., Dwork, C., Naor, M.: Non-malleable cryptography. SIAM Journal on Computing (2000)","DOI":"10.1137\/S0097539795291562"},{"issue":"2","key":"11_CR12","doi-asserted-by":"publisher","first-page":"84","DOI":"10.1145\/293411.293443","volume":"42","author":"D.M. Goldschlag","year":"1999","unstructured":"Goldschlag, D.M., Reed, M.G., Syverson, P.F.: Onion routing for anonymous and private internet connections. Comm. of the ACM\u00a042(2), 84\u201388 (1999)","journal-title":"Comm. of the ACM"},{"issue":"2","key":"11_CR13","doi-asserted-by":"publisher","first-page":"270","DOI":"10.1016\/0022-0000(84)90070-9","volume":"28","author":"S. Goldwasser","year":"1984","unstructured":"Goldwasser, S., Micali, S.: Probabilistic encryption. Journal of Computer and System Sciences\u00a028(2), 270\u2013299 (1984)","journal-title":"Journal of Computer and System Sciences"},{"key":"11_CR14","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"53","DOI":"10.1007\/3-540-36415-3_4","volume-title":"Information Hiding","author":"D. Kesdogan","year":"2003","unstructured":"Kesdogan, D., Agrawal, D., Penz, S.: Limits of anonymity in open environments. In: Petitcolas, F.A.P. (ed.) IH 2002. LNCS, vol.\u00a02578, pp. 53\u201369. Springer, Heidelberg (2003)"},{"issue":"2","key":"11_CR15","doi-asserted-by":"publisher","first-page":"373","DOI":"10.1137\/0217022","volume":"17","author":"M. Luby","year":"1988","unstructured":"Luby, M., Rackoff, C.: How to construct pseudorandom permutations and pseudorandom functions. SIAM J. Computing\u00a017(2), 373\u2013386 (1988)","journal-title":"SIAM J. Computing"},{"key":"11_CR16","doi-asserted-by":"publisher","first-page":"244","DOI":"10.1007\/3-540-36563-X_17","volume-title":"Cryptographer\u2019s Track \u2014 RSA 2003","author":"B. M\u00f6ller","year":"2003","unstructured":"M\u00f6ller, B.: Provably secure public-key encryption for length-preserving Chaumian mixes. In: Cryptographer\u2019s Track \u2014 RSA 2003, pp. 244\u2013262. Springer, Heidelberg (2003)"},{"key":"11_CR17","first-page":"184","volume-title":"IEEE Symposium on Research in Security and Privacy","author":"B. Pfitzmann","year":"2001","unstructured":"Pfitzmann, B., Waidner, M.: A model for asynchronous reactive systems and its application to secure message transmission. In: IEEE Symposium on Research in Security and Privacy, pp. 184\u2013200. IEEE Computer Society Press, Los Alamitos (2001)"},{"issue":"1","key":"11_CR18","doi-asserted-by":"publisher","first-page":"66","DOI":"10.1145\/290163.290168","volume":"1","author":"M.K. Reiter","year":"1998","unstructured":"Reiter, M.K., Rubin, A.D.: Crowds: anonymity for Web transactions. ACM Transactions on Information and System Security (TISSEC)\u00a01(1), 66\u201392 (1998)","journal-title":"ACM Transactions on Information and System Security (TISSEC)"},{"key":"11_CR19","unstructured":"Shoup, V.: A proposal for an ISO standard for public key encryption (2001), http:\/\/eprint.iacr.org\/2001\/112"},{"key":"11_CR20","unstructured":"Shoup, V.: Sequences of games: a tool for taming complexity in security proofs (2004), http:\/\/eprint.iacr.org\/2004\/332"},{"key":"11_CR21","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1007\/BFb0054113","volume-title":"Advances in Cryptology - EUROCRYPT \u201998","author":"V. Shoup","year":"1998","unstructured":"Shoup, V., Gennaro, R.: Securing threshold cryptosystems against chosen ciphertext attack. In: Nyberg, K. (ed.) EUROCRYPT 1998. LNCS, vol.\u00a01403, pp. 1\u201316. Springer, Heidelberg (1998)"},{"key":"11_CR22","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"317","DOI":"10.1007\/978-3-540-24638-1_18","volume-title":"Theory of Cryptography","author":"D. Wikstr\u00f6m","year":"2004","unstructured":"Wikstr\u00f6m, D.: A universally composable mix-net. In: Naor, M. (ed.) TCC 2004. LNCS, vol.\u00a02951, pp. 317\u2013335. Springer, Heidelberg (2004)"},{"key":"11_CR23","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"207","DOI":"10.1007\/11423409_13","volume-title":"Privacy Enhancing Technologies","author":"Y. Zhu","year":"2005","unstructured":"Zhu, Y., Fu, X., Graham, B., Bettati, R., Zhao, W.: On flow correlation attacks and countermeasures in mix networks. In: Martin, D., Serjantov, A. (eds.) PET 2004. LNCS, vol.\u00a03424, pp. 207\u2013225. Springer, Heidelberg (2005)"}],"container-title":["Lecture Notes in Computer Science","Advances in Cryptology \u2013 CRYPTO 2005"],"original-title":[],"link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/11535218_11.pdf","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2020,11,17]],"date-time":"2020-11-17T15:10:55Z","timestamp":1605625855000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/11535218_11"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2005]]},"ISBN":["9783540281146","9783540318705"],"references-count":23,"URL":"https:\/\/doi.org\/10.1007\/11535218_11","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"value":"0302-9743","type":"print"},{"value":"1611-3349","type":"electronic"}],"subject":[],"published":{"date-parts":[[2005]]}}}