International Association
for Cryptologic Research

We present DURP, a decentralized protocol for

unobservable, anonymous reporting to an untrusted destination,

with low latency and overhead. DURP provably ensures strong

anonymity properties, as required for some applications (and not

provided by existing systems and practical designs, e.g., Tor),

specifically:

Provable unobservability against global eavesdropper and

malicious participants.

Provable source anonymity against a malicious destination.

Probable-innocence against a malicious destination which is

also a global eavesdropper.

DURP design is a modular combination of two modules: a

queuing module, ensuring fixed rates for certain events, together

with an anonymization module, which can use either Onion-Routing (DURP^OR) or Crowds (DURP^Crowds). We present anal-ysis, backed by simulation results, of the network properties and

performance of DURP, and show it has reasonable overhead. We

also use the analysis results to create an optimized version of

DURP.