[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[freehaven-cvs] strawman abstract
Update of /home/freehaven/cvsroot/doc/econp2p03
In directory moria.mit.edu:/home/arma/work/freehaven/doc/econp2p03
Modified Files:
econp2p03.tex
Log Message:
strawman abstract
Index: econp2p03.tex
===================================================================
RCS file: /home/freehaven/cvsroot/doc/econp2p03/econp2p03.tex,v
retrieving revision 1.4
retrieving revision 1.5
diff -u -d -r1.4 -r1.5
--- econp2p03.tex 1 Apr 2003 23:51:37 -0000 1.4
+++ econp2p03.tex 2 Apr 2003 00:55:24 -0000 1.5
@@ -41,20 +41,26 @@
\begin{abstract}
-\end{abstract}
+Decentralized anonymity systems tend to be unreliable. Users must choose
+paths through the network without knowing enough about the state of the
+network. Reputation systems can improve reliability by predicting the
+state of the network. Here we focus on anonymous remailers and anonymous
+publishing, explain why the systems can benefit from reputation, and
+describe our experiences designing reputation systems for them while still
+providing anonymity. Maintaining anonymity while integrating reputation
+is tricky, and in each example we had to redesign the underlying anonymity
+system to support reputation.
-%\begin{center}
-%\textbf{Keywords:} foo, bar, baz
-%\end{center}
+\end{abstract}
-\section{Introdoction}
+\section{Introduction}
In decentralized networks, many traditional means of ensuring
accountability between participants become unworkable. As the
-combined resources of indivitual participants outgrow those of a
-(possibly nonexistant) central authority, top-down enforcement of good
-behavior becomes unwieldy. As the number of participants becomes
-large, repeated interactions between participants can become
+combined resources of individual participants outgrow those of a
+(possibly nonexistent) central authority, top-down enforcement of good
+behavior becomes unwieldy. As the number of participants grows,
+repeated interactions between participants can become
infrequent, and so individuals cannot rely on their own past
experience to recognize those who behave badly. Under these
circumstances, reputation is one of few workable means to keep hostile
@@ -63,9 +69,9 @@
But when the network's very purpose is to provide anonymity,
reputation itself becomes problematic. On the one hand, anonymity
enables an attacker or freeloader to acquire a bad reputation for as
-many psuedonymous identities as he likes, throwing each one away at no
+many pseudonymous identities as he likes, throwing each one away at no
real cost. But on the other hand, any reputation information that the
-system {\it does} manage do gather could be used by an adversary to
+system {\it does} manage to gather could be used by an adversary to
attempt to analyze and subvert the anonymity provided.
So we are left with a conundrum: if the networks's stability relies
@@ -77,7 +83,7 @@
As with security, it is tempting but incorrect to think that
reputation is a simple matter of bolting an extra service to the side
of an existing system. In the rest of this paper, we illustrate this
-point with examples from deputation systems that have been designed
+point with examples from reputation systems that have been designed
for use in networks that provide pseudonymity and anonymity. First,
however, we outline the incentive structures involved in deploying
such networks.
***********************************************************************
To unsubscribe, send an e-mail to majordomo@seul.org with
unsubscribe freehaven-cvs in the body. http://freehaven.net/