[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

[freehaven-cvs] tweak sections 4,5. Add to conclusion.

To: freehaven-cvs@freehaven.net
Subject: [freehaven-cvs] tweak sections 4,5. Add to conclusion.
From: nickm@seul.org (Nick Mathewson)
Date: Sun, 25 Jan 2004 12:07:28 -0500 (EST)
Delivered-to: archiver@seul.org
Delivered-to: freehaven-cvs-outgoing@seul.org
Delivered-to: freehaven-cvs@seul.org
Delivery-date: Sun, 25 Jan 2004 12:08:16 -0500
Reply-to: freehaven-dev@freehaven.net
Sender: owner-freehaven-cvs@freehaven.net

Update of /home/freehaven/cvsroot/doc/e2e-traffic
In directory moria.mit.edu:/tmp/cvs-serv9285

Modified Files:
	e2e-traffic.tex 
Log Message:
tweak sections 4,5. Add to conclusion.

Index: e2e-traffic.tex
===================================================================
RCS file: /home/freehaven/cvsroot/doc/e2e-traffic/e2e-traffic.tex,v
retrieving revision 1.33
retrieving revision 1.34
diff -u -d -r1.33 -r1.34
--- e2e-traffic.tex	25 Jan 2004 14:09:06 -0000	1.33
+++ e2e-traffic.tex	25 Jan 2004 17:07:25 -0000	1.34
@@ -727,8 +727,8 @@
 %\label{fig2a}
 %\end{figure}
 
-We present the results of our simulations in Figure~\ref{fig1} (the low-$m$ curves
-are at the bottom).
+We present the results of our simulations in Figure~\ref{fig1} 
+(the low-$m$ curves are at the bottom).
 As expected, the attack
 becomes more effective when Alice sends messages to only a few
 recipients (small $m$); when there are fewer recipients for Alice to hide
@@ -818,12 +818,13 @@
 round.  We also assume that all senders choose paths of exactly the same
 length.
 
-Unlike earlier, `rounds' are now determined not by a batch
+Unlike before, `rounds' are now determined not by a batch
 mix receiving a fixed number $b$ of messages, but by the passage of a fixed
 interval of time.  Thus, the number of messages sent by the background is no
 longer a fixed $b-n_a$ (where $n_a$ is the number of messages Alice sends),
-but now follows a normal distribution with mean $BG$ (and standard deviation
-set arbitrarily to $BG/10$).\footnote{It's hard to determine
+but now follows a normal distribution with mean $BG=125$ and standard
+deviation
+set arbitrarily to $BG/10$.\footnote{It's hard to determine
   standard deviations for actual message volumes on the deployed remailer
   network: automatic reliability checkers that send messages to themselves
   (``pingers'') contribute to a false sense of uniformity, while some users
@@ -845,7 +846,7 @@
 converged upon Alice's recipients within 1,000,000 rounds, and so no median
 could be found.
 
-From these, we see that increased variability in message delay slows the
+From these results, we see that increased variability in message delay slows the
 attack by increasing the number of output messages that may correspond to any
 input message from Alice, effectively `spreading' each message across several
 output rounds.  More interestingly, pooling is most effective at especially
@@ -910,8 +911,7 @@
 %trial 6
 Finally, we examine the degree to which a non-global passive adversary can
 mount the statistical disclosure attack.  Again, we base our simulation on
-the mix network simulation where the attacker can only observe a few mixes, and
-see whether a non-global observer can do so also.
+the mix network simulation used as the basis for the padding trials above.
 
 % (have we defined 'entry'?) -NM
 Clearly, if Alice chooses only from a fixed set of entry and exit mixes as
@@ -944,7 +944,8 @@
 \section{Conclusions}
 \label{sec:conclusion}
 Our results demonstrate that long-term end-to-end intersection attacks
-can succeed under a variety of complicating factors.  In closing, we
+can succeed in the presence of a variety of complicating factors.  In
+closing, we
 suggest several open questions for future work, and offer recommendations
 for mix network designs.
 
@@ -992,8 +993,8 @@
 Although real social networks behave more like scale-free networks than like
 the original disclosure attack's model, our models for user behavior
 still have room for improvement.  For example, real users
-probably do not send messages with a geometric distribution independent of
-time: most people's email habits are based on a 24-hour sleep schedule.  The
+probably do not send messages with a time-invariant geometric distribution:
+most people's email habits are based on a 24-hour day, and a 7-day week.  The
 effects of this variation may be significant.
 
 Many of our simulations found ``sweet spots'' for settings such as mix pool
@@ -1032,17 +1033,26 @@
 messages' entry and exit points to cross geographical and organization
 boundaries; and (of course) increasing the number of mixes in the network.
 
-Much threat analysis for high-latency mix networks aims to provide perfect
-protection against an eavesdropper watching the entire network. We must
-stop asking whether a mix network can forever defend every conceivable
-sender against a global passive adversary.
+Much threat analysis for high-latency mix networks has aimed to provide
+perfect protection against an eavesdropper watching the entire network.
+But unless we adopt an unacceptable level of resource demands, it seems that
+some highly distinguishable senders will fall quickly, and many ordinary
+senders will fall more slowly, to long-term intersection attacks.
+We must stop asking whether our anonymity designs can forever defend every
+conceivable sender.
+%     against a global passive adversary.
 %Instead, we must ask _how long_
 %you can defend _which senders_ against an adversary who sees _how much_.
 %We show that mix networks are not secure against this global observer,
 %and that they can also be defeated by partial observers.
+Instead, we should attempt to quantify {\it how long} our designs can defend
+{\it which senders} against an adversary who sees {\it how much}.
 This paper helps move anonymity system threat analysis from inflexible
 security proofs to quantification of risk for given parameters of
 adversaries, senders, and mixes.
+%  How about ``We hope that this paper will help...'' ?
+
+
 
 % We said that fixed entry/exit might help too, but I now think it 
 % wouldn't.  Suppose the attacker observes c nodes out of n.  If I 
@@ -1053,18 +1063,21 @@
 % In fact, a limited attacker (P_observe=.2) with a diffuse target should
 % _hope_ that people choose fixed entries.  If they do, then he can
 % eventually make the intersection attack work against the ones who use him
-% as their fixed entry.  But if they _don't_ choose fixed entries, he only
+% as their fixed entry: he breaks 20% of the senders.  
+% But if they _don't_ choose fixed entries, he only
 % sees 4% of everyone's traffic, which is not enough to break anybody.
 %
+%
 % Fixed entries are a good idea for low-latency systems, when a single
 % connection with an attacker on each end compromises a sender--receiver
-% link.
-
+% link.  With high-latency systems, however, the number of observed
+% entry/exit pairs matters: so being _certainly_ very seldom observed can 
+% be better than being _possibly_ observed somewhat seldom.
 %
 
 \section*{Acknowledgments}
-Thanks go to Gerald Britton, Geoffrey Goodell, Novalis, Pete St. Onge,
-Peter Palfrader, Alistair Riddoch, and Mike Taylor for letting us run our
+Thanks go to Gerald Britton, Geoffrey Goodell, Novalis, Pete St. Onge, Peter
+Palfrader, Alistair Riddoch, and Mike Taylor for letting us run our
 simulations on their computers.
 
 

***********************************************************************
To unsubscribe, send an e-mail to majordomo@seul.org with
unsubscribe freehaven-cvs       in the body. http://freehaven.net/

Prev by Author: [freehaven-cvs] tweak sections 4,5. Add to conclusion.
Next by Author: [freehaven-cvs] New graphs for a new day
Previous by thread: [freehaven-cvs] tweak sections 4,5. Add to conclusion.
Next by thread: [freehaven-cvs] correct related work, commit a new pdf
Index(es):
- Author
- Thread