On Secure and Pseudonymous Client-Relationships with Multiple Servers

Eran Gabber, Phillip B. Gibbons, David M. Kristol, Alain Mayer, Yossi Matias

Research output: Contribution to journalArticlepeer-review


This paper introduces a cryptographic engine, Janus, which assists clients in establishing and maintaining secure and pseudonymous relationships with multiple servers. The setting is such that clients reside on a particular subnet (e.g., corporate intranet, ISP) and the servers reside anywhere on the Internet. The Janus engine allows each client-server relationship to use either weak or strong authentication on each interaction. At the same time, each interaction preserves privacy by neither revealing a client's true identity (except for the subnet) nor the set of servers with which a particular client interacts. Furthermore, clients do not need any secure long-term memory, enabling scalability and mobility. The interaction model extends to allow servers to send data back to clients via e-mail at a later date. Hence, our results complement the functionality of current network anonymity tools and remailers. The paper also describes the design and implementation of the Lucent Personalized Web Assistant (LPWA), which is a practical system that provides secure and pseudonymous relations with multiple servers on the Internet. LPWA employs the Janus function to generate site-specific persone, which consist of alias usernames, passwords, and e-mail addresses.

Original languageEnglish
Pages (from-to)390-415
Number of pages26
JournalACM Transactions on Information and System Security
Issue number4
StatePublished - 1 Nov 1999


  • Algorithms
  • Anonymity
  • Experimentation
  • Janus function
  • Security
  • mailbox
  • persistent relationship
  • privacy
  • pseudonym


Dive into the research topics of 'On Secure and Pseudonymous Client-Relationships with Multiple Servers'. Together they form a unique fingerprint.

Cite this