Sybil-Resistant Parallel Mixing
Authors: Maya Kleinstein (Hebrew University of Jerusalem), Riad Wahby (Carnegie Mellon University), Yossi Gilad (Hebrew University of Jerusalem)
Volume: 2025
Issue: 4
Pages: 639–652
DOI: https://doi.org/10.56553/popets-2025-0149
Abstract: Parallel mixing is a common technique for efficiently unlinking messages from their senders' identity. It involves multiple servers arranged in a stratified mix-network (mixnet), each shuffling a fraction of the messages in parallel with others and then relaying them to a subsequent server. By the end of the route through the mixnet's servers, after applying each server's local shuffle, all messages are mixed together, hiding the senders' identities. Unfortunately, parallel mixing is bottlenecked by the busiest server in each mixnet stratum and does not offer a way to ensure load balancing across the servers. Thus, Sybil clients can coordinate to route their messages through one victim server in the middle of the mixnet and subsequent strata, stalling message delivery for everyone and keeping their identities hidden since their messages were already shuffled with those from other clients. This paper presents BalancedMixnet, a new protocol for load balancing clients across the servers in a parallel mix network while ensuring sender anonymity. Our protocol relies on anonymous credentials to ensure clients use a route through the mixnet that is selected uniformly at random and, at the same time, let servers verify that the message is from a valid client and prevent replay attacks. The cost of issuing and validating credentials can be easily amortized across multiple messages from the same client. We implement and evaluate BalancedMixnet, illustrating that the cost of integrating it into a parallel mixnet is modest and provides substantial benefits against Sybil attacks.
Keywords: Parallel mixing, mix network, Sybil attacks and anonymity
Copyright in PoPETs articles are held by their authors. This article is published under a Creative Commons Attribution 4.0 license.
