[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
[freehaven-cvs] give us a real abstract, fix typos throughout
Update of /home/freehaven/cvsroot/doc/routing-zones
In directory moria.mit.edu:/home2/arma/work/freehaven/doc/routing-zones
Modified Files:
routing-zones.tex
Log Message:
give us a real abstract, fix typos throughout
Index: routing-zones.tex
===================================================================
RCS file: /home/freehaven/cvsroot/doc/routing-zones/routing-zones.tex,v
retrieving revision 1.17
retrieving revision 1.18
diff -u -d -r1.17 -r1.18
--- routing-zones.tex 27 Jan 2004 03:20:33 -0000 1.17
+++ routing-zones.tex 27 Jan 2004 04:56:54 -0000 1.18
@@ -31,16 +31,23 @@
infrastructure for protection against attacks---typically an adversary
who can control or observe a larger fraction of the network can launch a
more effective attack. We investigate the diversity of deployed anonymity
-networks with respect to an adversary who observes the network edges.
-We find that. We recommend that.
+networks with respect to an adversary who controls a single Internet
+administrative domain.
-We implement a recent invented technique to , and apply it experimentally
-against two deployed anonymity networks (Mixmaster and Tor)
+Specifically, we implement a variant of a recently proposed technique
+that passively estimates the AS-level path between two arbitrary
+end-hosts without having access to either end of the path. Using this
+technique, we analyze the AS-level paths that are likely to result
+in two deployed anonymity networks: Mixmaster and Tor. We find several
+cases in each network where multiple nodes are in the same administrative
+domain. Further, many paths between nodes, and between nodes and popular
+endpoints, traverse the same domains.
We define a \emph{jurisdictional independence} metric to characterize
-the robustness of a given anonymity network
-
-
+the vulnerability of an anonymity network to this adversary, assess
+the stability of the two networks (how much vulnerability
+changes by adding or removing a few nodes), and suggest ways to improve
+the independence of anonymity networks in general.
\end{abstract}
@@ -558,7 +565,7 @@
for mix network users (i.e., senders and receivers), since we are only
examining properties of the mix nodes themselves. (To the extent
possible, a user should try to minimize the ASes that can observe
-mutiple edges along a mix network path.) Second, we use our estimates
+multiple edges along a mix network path.) Second, we use our estimates
for typical locations of senders and receivers to determine the
robustness properties of current node selection algorithms in mix
networks; again, we note how these properties change as the number and
@@ -611,13 +618,13 @@
sense of security. For example, Tarzan suggests subdividing the node
space into {\tt /16} prefixes, and subsequently into {\tt /24} prefixes
and selecting nodes from distinct subsets of the IP prefix space to
-reduce the liklihood that two mix nodes are in the jurisdiction of a
+reduce the likelihood that two mix nodes are in the jurisdiction of a
single AS~\cite{freedman:ccs02}. Unfortunately, this technique does not
necessarily increase the likelihood of jurisdictional independence: of
the five pairs Mixmaster nodes that are located in the same AS, three of
these pairs (those in ASes 3269, 7132, and 23504) not only have distinct
{\tt /16} prefixes, they also have distinct {\tt /8} prefixes.
-Simiarly, one of the Tor network nodes in AS 23504 has a distinct {\tt
+Similarly, one of the Tor network nodes in AS 23504 has a distinct {\tt
/16} prefix. This suggests that, to achieve jurisdictional
independence, a mix network should explicitly consider the actual AS of
a host, not simply its IP address.
***********************************************************************
To unsubscribe, send an e-mail to majordomo@seul.org with
unsubscribe freehaven-cvs in the body. http://freehaven.net/