User Registration

When you register your Anonize app, the app receives in return a cryptographic "master token". Think of this master token as a stamp. This stamp can be used to mint "digital coins", which will be used to submit surveys.

Only Authorized Users Can Submit

Using their master token, a user can mint one and only one coin for any survey they are authorized for. On the other hand, no user can forge a coin for surveys they are not authorized for. Anyone can verify whether a coin is "valid" for a particular survey.

Coins are Unlinkable

Anyone can verify that the coin minted by a user is valid (that is, it corresponds to a user that is authorized to submit in the survey) but there is absolutely no link between the user and the coin. The coins can therefore be used to replace user names when submitting a survey.

The first link below provides a detailed overview of the cryptographic technologies underlying the Anonize survey system. The second one provides formal security definitions, full descriptions of the cryptographic mechanisms, and mathematical proofs of security.

• Susan Hohenberger, Steven Myers, Rafael Pass, abhi shelat. "ANONIZE: A Large-Scale Anonymous Survey System, eprint/2015/681 (full version)


• Susan Hohenberger, Steven Myers, Rafael Pass, abhi shelat. "An Overview of ANONIZE: A Large-Scale Anonymous Survey System" , IEEE Security and Privacy Magazine, 2015.


• Susan Hohenberger, Steven Myers, Rafael Pass, abhi shelat. "ANONIZE: A Large-Scale Anonymous Survey System" , Oakland Security and Privacy Conference, 2014.