. Berthold, H. Federrath, and S. Köpsell. Web mixes: A system for anonymous and unobservable internet access. In PETS, 2001.
 S. Chakravarty, M. V. Barbera, G. Portokalidis, M. Polychronakis, and A. D. Keromytis. On the effectiveness of traffic analysis against anonymity networks using flow records. In PAM, 2014.
 D. Chaum. The dining cryptographers problem: Unconditional sender and recipient untraceability. Journal of cryptology, 1(1):65-75, 1988.
 D. Chaum, F. Javani, A. Kate, A. Krasnova, J. de Ruiter, and A. T
Yaoqi Jia, Guangdong Bai, Prateek Saxena and Zhenkai Liang
. Madhyastha. Lastor: A lowlatency as-aware tor client. In IEEE S&P, 2012.
 R. Annessi and M. Schmiedecker. Navigator: Finding faster paths to anonymity. In IEEE Euro S&P, 2016.
 K. Bauer, D. McCoy, D. Grunwald, and D. Sicker. Bitblender: Light-weight anonymity for bittorrent. In AIPACa, 2008.
 P. Boucher, A. Shostack, and I. Goldberg. Freedom systems 2.0 architecture. Zero Knowledge Systems, Inc, 2000.
 J. Boyan. The anonymizer: Protecting user privacy on the web. Computer-Mediated Communication
We introduce a new cryptographic protocol based on the wellknown LearningWith Errors (LWE) problem: a group key transfer protocol which achieves anonymity of the members against each others. This issue is almost absent in the key transfer protocols from the literature but we argue it is a practical property. We motivate our construction by a practical need. We use two essential cryptographic primitives built from LWE: LWE Diffie-Hellman key exchange derived from Regev’s work [Regev, O.: On lattices, learning with errors, random linear codes, and cryptography, in: Proc. of the 37th Annual ACM Symposium on Theory of Computing-STOC ’05 (H. N. Gabow and R. Fagin, eds.), Baltimore, MD, USA, 2005, ACM, New York, 2005, pp. 84-93] and a public key cryptosystem secure under the LWE hardness. We provide a security definition for anonymous key transfer protocol and we achieve anonymity against IND-CPA adversaries.
Ryan Wails, Yixin Sun, Aaron Johnson, Mung Chiang and Prateek Mittal
 Masoud Akhoondi, Curtis Yu, and Harsha V. Madhyastha. LASTor: A low-latency AS-aware Tor client. In IEEE S&P, 2012.
 Alexa top 500 sites. https://www.alexa.com/topsites, 2017.
 Michael Backes, Sebastian Meiser, and Marcin Slowik. Your Choice MATor(s): Large-scale quantitative anonymity assessment of Tor path selection algorithms against structural attacks. PoPETs, 2016(2), 2016.
 Armon Barton and Matthew Wright. DeNASA: Destinationnaive AS-awareness in anonymous
. Towards Measuring Anonymity. In Privacy Enhancing Technologies (PET), 2003.
 R. Dingledine. Research Problem: Better Guard Rotation Parameters, August 2011. Available at https: //blog.torproject.org/blog/research-problem-better-guardrotation- parameters.
 R. Dingledine, N. Mathewson, and P. Syverson. Tor: The Second-Generation Onion Router. In USENIX Security Symposium (USENIX), August 2004.
 R. Dingledine, N. Hopper, G. Kadianakis, and N. Mathewson. One Fast Guard for Life (or 9 months). In Privacy Enhancing
Anna Kobusińska, Jerzy Brzeziński, Michał Boroń, Łukasz Inatlewski, Michał Jabczyński and Mateusz Maciejewski
Berthold, O., Federrath, H. and Kpsell, S. (2001). Web mixes: A system for anonymous and unobservable internet access, International Workshop on Designing Privacy Enhancing Technologies: Design Issues in Anonymity and Unobservability, Berkeley, CA, USA, pp. 115-129.
Boyd, C., Mao, W. and Paterson, K.G. (2005). Deniable authenticated key establishment for internet protocols, in B. Christianson et al. (Eds.), Security Protocols, Springer, Berlin/Heidelberg, pp. 255-271.
Dabek, F., Li, J., Sit, E., Robertson, J., Kaashoek, M. and Morris, R
Large-scale Quantitative Anonymity Assessment of Tor Path Selection Algorithms Against Structural Attacks
Michael Backes, Sebastian Meiser and Marcin Slowik
 Ookla’s NetIndex. http://www.netindex.com/value/allcountries/. Accessed July, 2015.
 Sourcecode of our analysis tool. https://www.infsec.cs.unisaarland.de/projects/anonymity-guarantees/mator2.html.
 Tails - live operating system focused on privacy and anonymity. https://tails.boum.org/. Accessed February, 2015.
 The Tor blog, announcing the release of tor 0.2.6.10. https: //blog.torproject.org/blog/tor-02610-released. Accessed August, 2015.
 Tor Metrics
 CAIDA. The CAIDA UCSD IPv4 routed /24 topology dataset, June 2015. http://www.caida.org/data/active/ipv4routed24topologydataset.xml.
 CAIDA. The CAIDA AS relationships, January 2016. http: //www.caida.org/data/as-relationships/.
 Claudia Diaz, Stefaan Seys, Joris Claessens, and Bart Preneel. Towards measuring anonymity. In PETS, 2003.
 Roger Dingledine, Nicholas Hopper, George Kadianakis, and Nick Mathewson. One fast guard for life (or 9 months). In HotPETs, 2014.
 Roger Dingledine
1. ESHRE Task Force on Ethics and Law III Gamete and embryo donation - Human Reproduction, 2002; 17(5): 1407-1408.
2. McWhinnie A. Gamete donation and anonymity, Hum Reprod, 2001; 16(5): 807-817.
3. Hill M (2002) Sperm donors “want to keep anonymity”. BBC News. Available from http://news.bbc.co.uk/1/hi/health/2329675.stm
4. Brett S, Sacranie RR, Thomas GE, and Rajkhowa R. Can we improve recruitment of oocyte donors with loss of donor anonymity? A hospital-based survey. Hum Fertil (Camb