Intersection Attack and using Dummy Addresses

                 Jedrzej Kabarowski, Miroslaw Kutylowski

We consider communication protocols in public networks which deliver 
encrypted messages to recipients in an anonymous way: the protocol hides
the link between the source of the message and its destination. 
Messages are cryptographically encoded and re-coded on their route. 
No relationship can be derived from the codes. Privacy protection of this kind
is necessary in many practical situations: electronic voting, access to  databases
with certain medical information, business negotiations and so on.

The case when a single message is sent by each recipient and there is
exactly one communication round is well understood and analyzed in the literature.
Severe problems occur when communication lasts for a longer time, 
the users establish and break connections. One technique to make 
a traffic analysis harder is to use dummy addresses.  We analyse the best choice 
for the number of dummy addresses to be used.