[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

[freehaven-cvs] a few initial fixes

To: freehaven-cvs@freehaven.net
Subject: [freehaven-cvs] a few initial fixes
From: arma@seul.org (Roger Dingledine)
Date: Wed, 30 Jul 2003 20:53:24 -0400 (EDT)
Delivered-to: archiver@seul.org
Delivered-to: freehaven-cvs-outgoing@seul.org
Delivered-to: freehaven-cvs@seul.org
Delivery-date: Wed, 30 Jul 2003 20:53:37 -0400
Reply-to: freehaven-dev@freehaven.net
Sender: owner-freehaven-cvs@freehaven.net

Update of /home/freehaven/cvsroot/doc/e2e-traffic
In directory moria.mit.edu:/home2/arma/work/freehaven/doc/e2e-traffic

Modified Files:
	e2e-traffic.tex 
Log Message:
a few initial fixes


Index: e2e-traffic.tex
===================================================================
RCS file: /home/freehaven/cvsroot/doc/e2e-traffic/e2e-traffic.tex,v
retrieving revision 1.1
retrieving revision 1.2
diff -u -d -r1.1 -r1.2
--- e2e-traffic.tex	30 Jul 2003 18:46:58 -0000	1.1
+++ e2e-traffic.tex	31 Jul 2003 00:53:21 -0000	1.2
@@ -50,23 +50,26 @@
 
 One such class of attacks are the {\it long-term intersection attacks}
 wherein an eavesdropper observes a large volume of network traffic,
-and notices that, over time, that certain recipients are likelier to
+and notices over time that certain recipients are more likely to
 receive messages when given senders are transmitting messages.
 Categorical defenses against this attack tend to require either an
 impractically large amount of cover traffic, or a set of senders with
 near-perfect uptimes.
+% i would argue they require both? if you do great cover traffic but
+% aren't online much, you lose; and if you're online but not sending 
+% much, you also lose.
 
 An example of a long-term intersection attack is proposed by Agrawal,
-Kesdogan, and Penz\cite{limits-open}.  Their {\it disclosure attack}
+Kesdogan, and Penz \cite{limits-open}.  Their {\it disclosure attack}
 assumes a fairly strict model of sender behavior, and works against
-only a single batch mix (one that waits until it receives $b$
+only a single batch mix (a batch mix waits until it receives $b$
 messages, then reorders and retransmits them all).  Additionally, the
 disclosure attack requires an attacker to mount a computationally
 difficult and algorithmically complex attack in order to reveal the
 connections between senders and recipients.
 
 Danezis presents an algorithmically simpler {\it statistical
-  disclosure attack}\cite{statistical-disclosure} that requires far
+disclosure attack} \cite{statistical-disclosure} that requires far
 less computational effort on the behalf of the attacker.  This attack
 is far easier to describe and implement, but it assumes the same
 restrictive sender and network models as the original disclosure
@@ -80,12 +83,12 @@
 \begin{itemize}
 \item The target sender chooses non-uniformly among their
   communication partners, send multiple messages at once, and has
-  some some non-repeated recipients.
+  some non-repeated recipients.
 \item The attacker lacks {\it a priori} knowledge of the network's
   average behavior in the sender's absence.
 \item Mixes in the system use a better batching algorithm, such as 
-  the timed dynamic-pool algorithm\cite{trickle02} used by
-  Mixmaster\cite{mixmaster-spec}, or the generalized mix algorithm
+  the timed dynamic-pool algorithm \cite{trickle02} used by
+  Mixmaster \cite{mixmaster-spec}, or the generalized mix algorithm
   proposed by \cite{pet2003-diaz}.
 \item The sender uses a path through a mix network, instead of just a
   single mix.
@@ -93,7 +96,7 @@
   recipient.
 \item The attacker can only view a subset of the messages entering and
   leaving the network, but this subset includes some messages from
-  the sender, and some messages to the sender's recipients.
+  the sender and some messages to the sender's recipients.
 \item The behavior of the cover traffic generated by other senders
   changes continuously over time.  (We do not address this case
   completely).
@@ -108,7 +111,7 @@
 \begin{itemize}
 \item Statistical linkability between messages.  For example, a pair
   of messages written in the same language is likelier to have been
-  written by a single sender than is a pair of messages written in two
+  written by a single sender than is a pair of messages written in
   different languages.
 \item Full linkability between messages.  For example, if messages
   are pseudonymous, all messages from the same pseudonym are almost
@@ -124,7 +127,7 @@
 \item The sender's behavior is not consistent over time.  If the
   sender does not maintain a group of regular recipients for the
   required duration, the attacker cannot learn the sender's behavior.
-\item The attacker cannot observer the network's cover behavior.  If
+\item The attacker cannot observe the network's cover behavior.  If
   the sender always sends the same number of messages, the attacker
   may not be able to get a view of the network's exit behavior in the
   sender's absence. % Awkwardly phrased!
@@ -496,7 +499,7 @@
 
 \XXXX{Can we do anything with non-parametric linkages?  IOW, can we
   proceed given an
-  arbitrary collection of $P($sender-of-msg$_i$=sender-of-msg$_j$)?}
+  arbitrary collection of $P($sender-of-msg$_i$=sender-of-msg$_j)$?}
 
 \XXXX{This section is really about distinguishability, perhaps.}
 

***********************************************************************
To unsubscribe, send an e-mail to majordomo@seul.org with
unsubscribe freehaven-cvs       in the body. http://freehaven.net/

Prev by Author: [freehaven-cvs] Check in preliminary, iffy draft of some parts of e2...
Previous by thread: [freehaven-cvs] Check in preliminary, iffy draft of some parts of e2...
Index(es):
- Author
- Thread