Secure logging of retained data for an anonymity service

Research output: Contribution to book/conference proceedings/anthology/reportConference contributionContributedpeer-review



The recently introduced legislation on data retention to aid prosecuting cyber-related crime in Europe also affects the achievable security of systems for anonymous communication on the Internet. We have analyzed the newly arising risks associated with the process of accessing and storage of the retained data and propose a secure logging system, which utilizes cryptographic smart cards, trusted time stamping servers and distributed storage. These key components will allow for controlled access to the stored log data, enforce a limited data retention period, ensure integrity of the logged data, and enable reasonably convenient response to any legitimated request of the retained data. A practical implementation of the proposed scheme was performed for the AN.ON anonymity service, but the scheme can be used for other services affected by data retention legislation.


Original languageEnglish
Title of host publicationPrivacy and Identity Management for Life - 5th IFIP WG 9.2, 9.6/11.7, 11.4, 11.6/PrimeLife International Summer School, 2009, Revised Selected Papers
EditorsMichele Bezzi, Penny Duquenoy, Simone Fischer-Hubner, Ge Zhang, Marit Hansen
PublisherSpringer Verlag, New York
Number of pages15
ISBN (print)9783642142819
Publication statusPublished - 2010

Publication series

SeriesIFIP Advances in Information and Communication Technology


Title5th IFIP WG 9.2, 9.6/11.7, 11.4, 11.6/PrimeLife International Summer School, 2009
Duration7 - 11 September 2009

External IDs

ORCID /0000-0002-0466-562X/work/142246158