With the evolution of the P2P research field, new problems, such as those related with information security, have arisen. It is important to provide security mechanisms to P2P systems, since it has already become one of the key issues when evaluating them. However, even though many P2P systems have been adapted to provide a security baseline to their underlying applications, more advanced capabilities are becoming necessary. Specifically, privacy preservation and anonymity are deemed essential to make the information society sustainable. Unfortunately, sometimes, it may be difficult to attain anonymity unless it is included into the system's initial design. The JXTA open protocols specification is a good example of this kind of scenario. This work studies how to provide anonymity to JXTA's architecture in a feasible manner and proposes an extension which allows deployed services to process two-way messaging without disclosing the endpoints' identities to third parties.

We present an efficient Hybrid Mix scheme that provides both routing flexibility and the optimal length of ciphertext. Although it is rather easy to embed routing information in the ciphertext, and a scheme that provides the optimal length of ciphertext is already known, it is not a trivial task to achieve both properties all at the same time. A critical obstacle for providing the optimal length of ciphertext is the session-key encapsulation header in a ciphertext that carries the encrypted session-key to each router, which linearly increases according to the number of intermediate routers. We solve this problem by improving the previously reported Hybrid Mix scheme such that the resulting scheme benefits from routing flexibility with a constant length of such headers. Our basic scheme is only secure against honest, but curious intermediate routers. Therefore, we further address the robustness issue to prevent malicious behavior by incorporating and improving an existing efficient approach based on the Message Authentication Code.