[liberationtech] Traffic Analysis Countermeasures
adrelanos
adrelanos at riseup.net
Thu Jul 18 10:28:10 PDT 2013
Charles Allhands:
> Thanks for the link! Is there a reason why mix networks aren't commonly
> used?
Thanks for asking this interesting question. See this. Not written by
me. Source [1]
> Roger Dingledine Fri, 27 Apr 2012 00:10:48 -0700
>
> On Thu, Apr 26, 2012 at 04:15:04AM +0100, StealthMonger wrote:
>> If the channel has low latency, no hacking can conceal the packet
>> timing and volume correlation at the endpoints. It is high random
>> latency and thorough mixing that gain mixmaster its anonymity.
>> Dingledine and company would agree.
>
>
> Your "thorough mixing" phrase is critical here.
>
> Once upon a time, when we were working on both Mixminion and Tor, we were
> thinking of it as a tradeoff: Mixminion offers some protection against
> end-to-end correlation attacks [1], but the price is high and variable
> latency; whereas Tor offers basically no protection against somebody who
> can measure [2] flows at both sides of the circuit, but it's a lot more
> fun to use.
>
> (Another price of the mix design is that you only get to send a fixed-size
> relatively small message rather than have a bidirectional flow.)
>
> So oversimplifying a bit, we thought we had a choice between "high
> security, high latency" and "low security, low latency". But the trouble
> is that while Mixminion's design can provide more safety in theory, it
> needs the users before it can provide this safety in practice. Without
> enough users sending messages to mix with, high and variable latency by
> itself doesn't cut it.
>
> So oversimplifying a bit more, the choice may be better viewed as "low
> security, high latency" vs "low security, low latency". And that's a
> much easier choice to make. See [3] for more discussion.
>
> I haven't given up hope on end-to-end correlation resistance for
> low-latency flow-based designs like Tor (but papers like [4] don't make me
> optimistic for a quick fix). It's hard to see how we could end up with a
> large enough and diverse enough population of Mixminion users to let it
> fulfill its potential. Stay tuned to PETS [5] and related conferences,
> but be patient.
>
> --Roger
[1]
http://www.mail-archive.com/liberationtech@lists.stanford.edu/msg00022.html
More information about the liberationtech
mailing list