[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
[freehaven-cvs] more patches throughout

To: freehaven-cvs@freehaven.net
Subject: [freehaven-cvs] more patches throughout
From: arma@seul.org (Roger Dingledine)
Date: Sun, 25 Jan 2004 07:23:50 -0500 (EST)
Delivered-to: archiver@seul.org
Delivered-to: freehaven-cvs-outgoing@seul.org
Delivered-to: freehaven-cvs@seul.org
Delivery-date: Sun, 25 Jan 2004 07:24:15 -0500
Reply-to: freehaven-dev@freehaven.net
Sender: owner-freehaven-cvs@freehaven.net
Update of /home/freehaven/cvsroot/doc/e2e-traffic
In directory moria.mit.edu:/home2/arma/work/freehaven/doc/e2e-traffic

Modified Files:
	e2e-traffic.tex 
Log Message:
more patches throughout


Index: e2e-traffic.tex
===================================================================
RCS file: /home/freehaven/cvsroot/doc/e2e-traffic/e2e-traffic.tex,v
retrieving revision 1.30
retrieving revision 1.31
diff -u -d -r1.30 -r1.31
--- e2e-traffic.tex	25 Jan 2004 11:59:32 -0000	1.30
+++ e2e-traffic.tex	25 Jan 2004 12:23:48 -0000	1.31
@@ -219,8 +219,8 @@
 mount a \emph{long-term intersection attack} by correlating the times at
 which senders and receivers are active \cite{disad-free-routes}.
 
-A variety of countermeasures make intersection attacks harder:
-Kesdogan's Stop-and-go mixes
+A variety of countermeasures make intersection attacks harder.
+Kesdogan's stop-and-go mixes
 \cite{stop-and-go} provide probabilistic anonymity by letting users
 specify message latencies, thereby broadening the range of times
 messages might emerge from the mix network. Similarly, batching strategies
@@ -325,9 +325,9 @@
 
 Danezis also derives a precondition that the attack will only succeed when
 \( m < \frac{N}{b-1} \), and calculates the expected number of rounds to
-succeed (with $95\%$ confidence for security parameter $\l=2$ and $99\%$
+succeed (with $95\%$ confidence for security parameter $l=2$ and $99\%$
 confidence for $l=3$):
-\[t > \left[ ml \left(\sqrt{\frac{m-1}{m}} +
+\[t > \left[ m \cdot l \left(\sqrt{\frac{m-1}{m}} +
                        \sqrt{\frac{N-1}{N^2}(b-1)} \right) \right]^2 \]
 
 %======================================================================
@@ -380,12 +380,12 @@
 $\V{o_i}$ gives us
 \[\B{O} = \frac{1}{t}\sum_{i=1}^{t}{\V{o_i}}
             \approx
-              \frac{\B{m}\V{v} + (b-\B{m})\B{U}}{b}
+              \frac{\B{m} \cdot \V{v} + (b-\B{m})\B{U}}{b}
               \mbox{\ where\ } \B{m} = \frac{1}{t}\sum{m_i} \]
 
 From this, the attacker estimates Alice's behavior as
 \[\V{v} \approx \frac{1}{\B{m}}
-            \left[ b\B{O} - (b-\B{m})\B{U} \right] \]
+            \left[ b \cdot \B{O} - (b-\B{m})\B{U} \right] \]
 
 \subsubsection{Attacking pool mixes and mix networks:}
 % \label{subsubsec:complex-mix} can't usefully label subsubsections.
@@ -446,8 +446,8 @@
 compute $\B{O_w}$, the mean of the observations from all of these rounds,
 weighted by the expected number of messages from Alice exiting in each
 round:
-\[ \B{O_w} = \sum_i \sum_{r=0}^k P_R^i(r) m_i \V{o_{i+r}}
-   \approx \frac{\B{m}\V{v} + (\B{n}-\B{m})\V{u}}{\B{n}} \]
+\[ \B{O_w} = \sum_i \sum_{r=0}^k P_R^i(r) \cdot m_i \cdot \V{o_{i+r}}
+   \approx \frac{\B{m} \cdot \V{v} + (\B{n}-\B{m})\V{u}}{\B{n}} \]
 
 To solve for Alice's behavior $\V{v}$, the attacker now needs a good estimate
 for the background $\V{u}$.  The attacker gets this by
@@ -461,7 +461,7 @@
 and the attacker can thus solve again for $\V{v}$ in the earlier equation for
 $\B{O_w}$, now using
 \[\V{u} \approx \frac{1}{1-\delta_a}
-               \left[ \B{n} \B{U'} - \delta_a \V{v} \right] \]
+               \left[ \B{n} \cdot \B{U'} - \delta_a \cdot \V{v} \right] \]
 
 Senders can also deviate from the original model
 by directing their messages through multi-hop paths
@@ -799,7 +799,7 @@
 original statistical disclosure attack as reference.  As expected, the attack
 succeeds easily, and finishes faster against uniform senders than weighted
 senders for equivalent values of $\left<N,m,b\right>$.
-Interestingly, the attack against uniform senders was {\it faster} than the
+Interestingly, the attack against uniform senders is {\it faster} than the
 original statistical disclosure attack---because the background traffic is
 now clustered about popular recipients, Alice's recipients stand out
 more. %than they did before.
@@ -817,20 +817,18 @@
 round.  We also assume that all senders choose paths of exactly the same
 length.
 
-Unlike in the simulations above, `rounds' are now determined not by a batch
+Unlike earlier, `rounds' are now determined not by a batch
 mix receiving a fixed number $b$ of messages, but by the passage of a fixed
 interval of time.  Thus, the number of messages sent by the background is no
 longer a fixed $b-n_a$ (where $n_a$ is the number of messages Alice sends),
 but now follows a normal distribution with mean $BG$ (and standard deviation
 set arbitrarily to $BG/10$).\footnote{It's hard to determine
-  standard deviations for actual message volumes on the currently deployed
-  remailer
+  standard deviations for actual message volumes on the deployed remailer
   network: automatic reliability checkers that send messages to themselves
-  (``pingers'') contribute to a false sense of uniformity, while other users
+  (``pingers'') contribute to a false sense of uniformity, while some users
   generate volume spikes by sending enormous fragmented files, or maliciously
-  flooding discussion groups and remailer nodes.  Neither group blends with
-  the bulk
-  of the senders on the network.}
+  flooding discussion groups and remailer nodes. Neither group blends
+  well with the other senders.}
 
 \begin{figure}[ht]
 \centering
@@ -840,7 +838,7 @@
 \end{figure}
 
 To examine the effect of pool parameters, we fixed $m$ at $32$ and $N$ at
-$2^16$, and had Alice use the `uniform' model discussed above.  The results
+$2^{16}$, and had Alice use the `uniform' model discussed above.  The results
 of these simulations are presented in Figure~\ref{fig34}.  Lines running off
 the top of the graph represent cases in which fewer than half of the attacks
 converged upon Alice's recipients within 1,000,000 rounds, and so no median
@@ -851,11 +849,9 @@
 input message from Alice, effectively `spreading' each message across several
 output rounds.  More interestingly, pooling is most effective at especially
 high or especially low volumes of traffic from Alice: the `spreading' effect
-here makes it especially hard for the attacker to recognize rounds that
-contain messages from Alice (when she sends less) or to recognize
-rounds that contain more messages (when she sends more).
-% XXX can you explain this better? -NM
-
+here makes it especially hard for the attacker to discern rounds that
+contain messages from Alice when she sends few messages, or to discern
+rounds that don't contain Alice's messages when she sends many messages.
 
 \subsubsection{The impact of dummy traffic:}
 %\label{subsec:sim-dummies}
@@ -865,16 +861,15 @@
 low-latency systems \cite{defensive-dropping}, little work has been done to
 examine their effectiveness against long-term intersection attacks.
 
-%hm. tense switches between present and past. -rd
-First, we chose to restrict our examination (due to time constraints) to the
+First, we choose to restrict our examination (due to time constraints) to the
 effects of dummy messages in several cases of the pool-mix/mix network
 simulation
 above.  Because we are interested in learning how well dummies thwart
-analysis, we chose cases where, in the absence of dummies, the attacker had
+analysis, we choose cases where, in the absence of dummies, the attacker had
 little trouble in learning Alice's recipients.
 
 % Are there better citations for these strategies?  Are there better names?
-The first passing strategy we evaluated (``independent geometric padding'')
+Our first padding strategy (``independent geometric padding'')
 is based on the link padding strategy from the Mixminion design
 \cite{minion-design}: Alice generates a random number of dummy messages in
 each round according to a geometric distribution with parameter $\Pjunk$,
@@ -902,7 +897,7 @@
 Padding slows the attack, but does not necessarily stop it.  As shown in
 Figure~\ref{fig5a}, geometric padding is most helpful when the underlying
 mix network has a higher variability in message delay to `spread' the padding
-between rounds.  With lower variability, Alice needs to send far more padding
+between rounds.  Otherwise, Alice must send far more padding
 messages to confuse the attacker.
 
 We are currently running our simulations on other padding models, including
@@ -915,11 +910,11 @@
 Finally, we examine the degree to which a non-global passive adversary can
 mount the statistical disclosure attack.  Again, we base our simulation on
 the mix network simulation where the attacker can only observe a few mixes, and
-try to see whether a non-global observer can do so also.
+see whether a non-global observer can do so also.
 
 % (have we defined 'entry'?) -NM
 Clearly, if Alice chooses only from a fixed set of entry and exit mixes as
-suggested by \cite{XXXX}, and the attacker is watching none of
+suggested by \cite{wright03}, and the attacker is watching none of
 her chosen mixes, the attack will fail---and conversely, if the attacker is
 watching all of her chosen mixes, the attack proceeds as before.  For our
 simulation, therefore, we assume that all senders (including Alice) choose

***********************************************************************
To unsubscribe, send an e-mail to majordomo@seul.org with
unsubscribe freehaven-cvs       in the body. http://freehaven.net/
Prev by Author: [freehaven-cvs] clean trials 1 and 2, merge figs 1 and 2
Next by Author: [freehaven-cvs] play with the conclusion
Previous by thread: [freehaven-cvs] Regenerate graphs
Next by thread: [freehaven-cvs] play with the conclusion
Index(es):
- Author
- Thread