[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[freehaven-dev] Review: D. Martin's comm anon thesis

To: spectre@zeroknowledge.com
Subject: [freehaven-dev] Review: D. Martin's comm anon thesis
From: "Michael J. Freedman" <mfreed@zeroknowledge.com>
Date: Tue, 30 May 2000 20:12:42 -0400
Delivery-Date: Tue, 30 May 2000 22:11:09 -0400
Reply-To: freehaven-dev@seul.org
Sender: owner-freehaven-dev@seul.org

Hi all,

I just came across this thesis today and thought I'd mention it.
I don't know if you are familiar with it:

David Martin's PhD thesis (1999)
http://www.cs.du.edu/~dm/thesis.ps

Analysizes anonymity and attacks for communications systems 
in greater depth than most other papers I have seen, especially
comparatively between comm projects.  Freedom is not listed in
the 16 works.  I'm guessing it's mostly due to the paper's date
of publishing.

He goes through most of the "essential techniques" of anonymous
communications channels in Chapter 3.

The two "new" techniques proposed in Chapter 6 don't appear to
be anything special (on a somewhat brief first reading.)  The 
"trusted gateway" protocol (one gateway) and "superimposed
sending" (gateway chosen among users) sounds a lot like a firewall -
a system transmits a message to some "leader node" (gateway).
Things are trasmitted in the clear.  The external address changes 
the IP header info about the internal source.  In experiments,
gateway changed header source to itself to ensure address coherence
for protocols such as TCP and UDP.

When messages are received at the gateway, it multicasts the message
to the entire internal network.  Each node then does some other
implicit check to see if the packet was being addressed to it
(they experimentally just tested to see if the node had an open
socket dictating a response...)

Some of the partial anonymity aspects sounds awefully like a Crowds-
type system (i.e., external attackers can only reveal that sender is 
from k-anonymous set of possibilities, where k = size of internal 
system), but not done nearly as well (no internal chaining - if 
you infiltrate the gateway or snoop on internal links - you've won;
multicast to all internal nodes isn't scalable, *nor* is way they
talk about internal addressing (i.e., port open)).

I haven't looked at the protocols in great depth, but I really
don't see anything special in the protocols, although the review
of related works and attacks bears some merit and consideration.

Slowly settling in,
--mike


-- 
"Not all those who wander are lost."      mfreed@zeroknowledge.com

Prev by Date: [freehaven-dev] Flaw in anonymizers
Next by Date: [freehaven-dev] [Fwd: [News] British view of French Law project: Jane Wakefield L'Internet, c'est terrible]
Prev by thread: [freehaven-dev] Flaw in anonymizers
Next by thread: [freehaven-dev] [Fwd: [News] British view of French Law project: Jane Wakefield L'Internet, c'est terrible]
Index(es):
- Date
- Thread