
[freehaven-cvs] all very minor edits through section 6



Update of /home/freehaven/cvsroot/doc/routing-zones
In directory moria.mit.edu:/tmp/cvs-serv6252

Modified Files:
	routing-zones.tex 
Log Message:
all very minor edits through section 6



Index: routing-zones.tex
===================================================================
RCS file: /home/freehaven/cvsroot/doc/routing-zones/routing-zones.tex,v
retrieving revision 1.59
retrieving revision 1.60
diff -u -d -r1.59 -r1.60
--- routing-zones.tex	29 Jan 2004 06:29:40 -0000	1.59
+++ routing-zones.tex	29 Jan 2004 06:41:25 -0000	1.60
@@ -40,7 +40,7 @@
 analyze the AS-level paths that are likely to be used in these anonymity
 networks. We find several cases in each network where multiple nodes are
 in the same administrative domain. Further, many paths between nodes,
-and between nodes and popular endpoints, traverse the same domains.
+and between nodes and popular endpoints, traverse the same domain.
 
 \end{abstract}
 
@@ -72,16 +72,16 @@
 from learning which message in the batch originated from a given
 sender~\cite{chaum81,trickle02}.
 \item {\bf{Padding:}} Senders provide decoy traffic as well as normal
-traffic, to complicate the adversary's attempts to correlate sender and
+traffic to complicate the adversary's attempts to correlate sender and
 receiver~\cite{langos02,pipenet,defensive-dropping}.
 \item {\bf{Dispersal:}} Reducing the chance that the adversary sees
 both endpoints for a given communication may entirely block some
-attacks on low-latency networks, and slow down intersection attacks on
+attacks on low-latency networks, and disrupting intersection attacks on
 high-latency networks.
 \end{tightlist}
 
 Dispersal can be achieved by increasing the number of nodes in the
-network, so an adversary of a given strength sees less of the
+network so an adversary of a given strength sees less of the
 network~\cite{econymics,bennett:pet2003,morphmix:fc04}; by arranging
 the overlay
 topology so messages can enter or exit at more places in the network
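Review bot: In the Dispersal item, "and disrupting intersection attacks" no longer parallels "may entirely block some attacks", so the sentence now reads "Reducing the chance ... may entirely block ..., and disrupting ...", which does not parse. Use "and disrupt" if the new verb is intended, or keep "slow down". "Disrupt" also claims more than "slow down" did, so check that the stronger wording is what the paper means for high-latency networks.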
@@ -126,7 +126,7 @@
 random node selection---even when the initiator never chooses the same node
 for both entry and exit---are likely to be observed by a single AS between
 10\% and 30\% of the time, depending on the location of the initiator
-and responder, and that the single AS that can observe these paths is
+and responder and that the single AS that can observe these paths is
 always a backbone ISP.  We conclude that a slightly different node
 selection algorithm can allow users of these networks to minimize the
 likelihood that their entry path and exit path traverse the same AS.
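Review bot: Dropping the comma after "responder" leaves "initiator and responder and that the single AS" as one run, and the reader has to backtrack to see that "and that" opens a second finding rather than continuing the "depending on" phrase. Restore the comma, or end the sentence after "responder" and start a new one with the backbone-ISP observation.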
@@ -358,8 +358,8 @@
 can use endpoint attacks to break $(\frac{c}{n})^2$ of the transactions. By
 requiring the path from Alice to the anonymity network and the
 path from the anonymity network to Bob to traverse separate
-ASes, as long as the ASes do not collude, we can prevent all of these
-observed transactions.
+ASes, we can prevent all of these
+observed transactions as long as the ASes do not collude.
 
 Intra-network attacks on low-latency networks can also be useful. In
 particular, paths in Tor and the (no longer deployed) Freedom protocol
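Review bot: In the reordered sentence, "prevent all of these observed transactions" says that the transactions themselves are prevented, while the preceding sentence is about endpoint attacks that break a fraction of the transactions. Something like "protect all of these transactions" would match it. The new line "ASes, we can prevent all of these" is also left short, so the paragraph could be refilled.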
@@ -373,7 +373,7 @@
 Mixmaster takes a lot more time and effort than one against a low-latency
 system like Tor.  However, because an observer of even a few Mixmaster nodes
 may be able to link Alice to her recipients over time~\cite{e2e-traffic},
-our work here also has impact on protecting such high-latency systems
+our work here is also relevant for protecting such high-latency systems
 from a one-AS adversary.  Further, intra-network observations
 (particularly during periods of low traffic) can be combined with active
 attacks such as message flooding to shrink the set of messages that mix
@@ -410,10 +410,10 @@
 Also assume that all nodes in the network are listed as working (typically
 some nodes are listed as temporarily offline).
 
-To build a path of length $\ell$, Alice first picks an exit node at
-random from $E$, and then picks the other $\ell-1$ nodes from $N$. In the
-\emph{remailer network} case she picks nodes such that no node appears
-twice in a row; in the \emph{onion routing} case she picks nodes such
+To build a path of length $\ell$, Alice first selects an exit node at
+random from $E$, and then selects the other $\ell-1$ nodes from $N$. In the
+\emph{remailer network} case she selects nodes such that no node appears
+twice in a row; in the \emph{onion routing} case she selects nodes such
 that no node appears twice anywhere in the path.
 
 \subsection{AS-level Mix Network Path Estimation}\label{sec:mix_aspath}
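Review bot: With "picks" changed to "selects" throughout, "at random" still attaches only to the exit node taken from $E$; the sentence does not say how the other $\ell-1$ nodes are selected from $N$. If they are also chosen at random, say so in the same sentence, for example "and then selects the other $\ell-1$ nodes at random from $N$".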
@@ -477,7 +477,7 @@
   between two ASes and, as a result, infer the wrong AS-level path to a
   destination.  
 
-\item {\em Determine the origin and destination AS for the path in
+\item {\em Determine the origin and destination ASes for the path in
   question.}  To determine the AS-level path between two hosts, we must
   obviously determine the ASes where the hosts are located.  This is
   reasonably easy: generally, it is sufficient to look in a BGP routing
@@ -497,17 +497,18 @@
   Fortunately, we can use heuristics from previous work that tend to
   work reasonably well~\cite{Gao2001}.  
 
-\vspace{0.1in} 
-  The basic idea is to exploit the {\em valley-free} property of
-  Internet paths to assign pairwise relationships between ASes.  That
-  is, an AS path traverses a sequence of customer-provider edges, zero
-  or one peering edges, and then a sequence of provider-customer
-  edges.  Therefore, each AS pair in an AS path can be assigned either a
-  customer-provider or a provider-customer relationship: every pair
-  before the AS with the highest degree in the path is assigned a
-  customer-provider relationship, and every pair after this AS is
-  assigned a provider-customer relationship.  The complete details of
-  the inference algorithm are provided in previous work~\cite{Gao2001}.
+\vspace{0.1in} The basic idea is to exploit the {\em valley-free}
+  property of Internet paths to assign pairwise relationships between
+  ASes.  That is, an AS path traverses a sequence of customer-provider
+  edges, zero or one peering edges, and then a sequence of
+  provider-customer edges.  Therefore, each AS pair in an AS path can be
+  assigned either a customer-provider or a provider-customer
+  relationship: every pair before the AS with the highest degree in the
+  path is assigned a customer-provider relationship, and every pair
+  after this AS is assigned a provider-customer relationship.  If, for
+  two separate AS paths, two ASes are customers of each other, then the
+  algorithm designates them as peers.  The complete details of the
+  inference algorithm are provided in previous work~\cite{Gao2001}.
 
 
 \item {\em Estimate the AS-level path between the two ASes by finding
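Review bot: The added sentence "If, for two separate AS paths, two ASes are customers of each other, then the algorithm designates them as peers" introduces a third outcome, but the sentence before it still says each AS pair "can be assigned either a customer-provider or a provider-customer relationship". Reword the earlier sentence so the two agree, and spell out "customers of each other" (one path implies A is a customer of B, another implies B is a customer of A). This is a change to the algorithm description rather than a minor edit, so it is worth checking against the cited work and mentioning in the log message.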
@@ -569,15 +570,16 @@
 lists of senders and receivers that we used in our experiments are in
 Appendix~\ref{sec:send_recv}.
 
-Note that in this paper we use these networks to get a plausible set of
-nodes for our model. The Tor nodes represent a newborn network where the
-only participants are developers and very early adopters, whereas the
-Mixmaster network represents a wider participant set because it has been
-deployed for many years. We compare how each of these node sets performs
-when the initiators are typical DSL or cable modem users in the US, and the
-responders are popular websites in the US---in effect, we are evaluating
-the safety of the newborn Tor network and the safety of a node set that
-we hope reflects how the Tor network will look when it grows more mature.
+Note that in this paper we use the topologies of existing mix networks
+to get a plausible set of nodes for our model. The Tor nodes represent a
+newborn network where the only participants are developers and very
+early adopters, whereas the Mixmaster network represents a wider
+participant set because it has been deployed for many years. We compare
+how each of these node sets performs when the initiators are typical DSL
+or cable modem users in the US, and the responders are popular websites
+in the US---in effect, we are evaluating the safety of the newborn Tor
+network and the safety of a node set that we hope reflects how the Tor
+network will look when it grows more mature.
 
 \subsection{Internet Topology}
 
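Review bot: The only wording change in this paragraph is "these networks" becoming "the topologies of existing mix networks", but the refill rewrites all nine lines and buries it. Keeping the rewrap out of a wording commit would make the change easier to review. The new phrase is also tied to Tor and Mixmaster only by the sentence that follows, and it says topologies are used "to get a plausible set of nodes"; naming the two networks here would remove the guesswork.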
@@ -768,14 +770,14 @@
 \begin{minipage}[ht]{5.75cm}
 \mbox{\epsfig{figure=as_observe_all.eps,width=6cm}}
 \caption{Fraction of paths where a single AS can observe all
-  of the links on the mix network path.}
+  of the links in the mix network path.}
 \label{fig:as_observe}
 \end{minipage}
 \hfill
 \begin{minipage}[ht]{5.75cm}
 \mbox{\epsfig{figure=as_observe_75,width=6cm}}
 \caption{Fraction of paths where a single AS can observe all but one
-  of the links on the mix network path.%\protect\footnotemark
+  of the links in the mix network path.%\protect\footnotemark
 }  
 \label{fig:as_observe_75}
 \end{minipage}
@@ -792,7 +794,7 @@
 and two have less than two links and, thus, are never observed by the
 same AS twice.  The AS that contains the second node in a three-hop path
 will always observe all links in the path because it is incident on both
-links on the path; for the same reason, the ASes of the second and third
+links in the path; for the same reason, the ASes of the second and third
 hops in a four-hop path will always be able to observe all but one link
 in the path.
 
@@ -804,7 +806,7 @@
 node to be used only once (``without replacement'', as in {\em onion
 routing}).  Figure~\ref{fig:as_observe} shows two interesting results.
 First, for all mix paths shorter than four hops, a single AS can observe
-all of the links on the mix network path.  Second, Tor's node
+all of the links in the mix network path.  Second, Tor's node
 selection algorithm (i.e., the onion routing scheme) provides
 significant protection against observation at multiple links, but this
 node selection scheme helps the Mixmaster topology less.  For example, a four-hop
@@ -899,7 +901,7 @@
 
 These results suggest that the sender in a mix network should exercise
 care when selecting entry and exit nodes to avoid choosing entry and
-exit paths that traverse the same AS.  These results suggest that it is
+exit paths that traverse the same AS.  They also suggest that it is
 certainly {\em possible} for an intelligent sender to select entry and
 exit nodes such that the entry and exit paths do not traverse the same
 AS on entry and exit (e.g., between Speakeasy and Google, only 8\% of
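Review bot: In the sentence that now begins "They also suggest", the clause "such that the entry and exit paths do not traverse the same AS on entry and exit" repeats "entry and exit" three times within two lines. While this sentence is being touched, drop the trailing "on entry and exit", since "entry and exit paths" already carries the meaning.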
@@ -1009,7 +1011,7 @@
 \item We analyzed the AS-level path properties of existing mix networks
   and found that certain tier-1 ISPs are prevalent on many mix network
   paths.  If node replacement is used in path selection, the probability
-  that a single AS observes all links on a four-hop path through the mix
+  that a single AS observes all links in a four-hop path through the mix
   is between 0.1 and 0.2; if node replacement is not used, this
   probability is less than 0.05 for both the Tor and Mixmaster
   topologies.
