[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
[freehaven-cvs] Added abstract, made grammar fixes. Getting ready to...

To: freehaven-cvs@freehaven.net
Subject: [freehaven-cvs] Added abstract, made grammar fixes. Getting ready to...
From: rabbi@seul.org
Date: Fri, 26 Mar 2004 04:55:23 -0500 (EST)
Delivered-to: archiver@seul.org
Delivered-to: freehaven-cvs-outgoing@seul.org
Delivered-to: freehaven-cvs@seul.org
Delivery-date: Fri, 26 Mar 2004 04:55:50 -0500
Reply-to: freehaven-dev@freehaven.net
Sender: owner-freehaven-cvs@freehaven.net
Update of /home2/freehaven/cvsroot/doc/mixmaster-vs-reliable
In directory moria.mit.edu:/tmp/cvs-serv21433

Modified Files:
	mixvreliable.tex 
Log Message:
Added abstract, made grammar fixes. Getting ready to submit!


Index: mixvreliable.tex
===================================================================
RCS file: /home2/freehaven/cvsroot/doc/mixmaster-vs-reliable/mixvreliable.tex,v
retrieving revision 1.8
retrieving revision 1.9
diff -u -d -r1.8 -r1.9
--- mixvreliable.tex	26 Mar 2004 06:07:51 -0000	1.8
+++ mixvreliable.tex	26 Mar 2004 09:55:21 -0000	1.9
@@ -22,7 +22,27 @@
 
 \begin{abstract}
 
-Len
+We evaluate the anonymity provided by two popular email mix
+implementations, Mixmaster and Reliable, and compare their effectiveness
+through the use of simulations which model the algorithms used by these
+mixing applications. In order to draw accurate conclusions about the
+operation of these mixes, we use as our input to these simulations actual
+traffic data obtained from a public anonymous remailer (mix node). We
+determine that assumptions made in previous literature about the
+distribution of mix input traffic are incorrect, and our analysis of the
+input traffic shows that it follows no known distribution. We establish for
+the first time that a lower bound exists on the anonymity of Mixmaster, and
+discover that under certain circumstances the algorithm used by Reliable
+provides no anonymity. We find that the upper bound on anonymity provided
+by Mixmaster is slightly higher than that provided by Reliable. We identify
+flaws in the software code in Reliable that further compromise its ability
+to provide anonymity, and review key areas which are necessary for the
+security of a mix in addition to a sound algorithm. Our analysis can be
+used to evaluate under which circumstances the two mixing algorithms should
+be utilized to best achieve anonymity and satisfy their purpose. Our work
+can also be used as a framework for establishing a security review process
+for mix node deployments.
+
 \end{abstract}
 
 
@@ -42,11 +62,11 @@
 They also allow the sender of a message to stay anonymous to the
 recipient.
 
-The objective of this work was to have quantitative results on the
+The objective of this work is to have quantitative results on the
 anonymity actually provided by two mix software implementations in wide
 deployment, in order to test the actual anonymity provided to the users of
 the remailer service, and to compare the two different designs. We evaluate
-anonymity in a single-node context; in order to assess the anonymity
+anonymity in a single-node context. In order to assess the anonymity
 provided by the entire remailer network, additional considerations are
 necessary. As individual nodes are the basic component to the network of
 mixes, we aim to provide information to be considered when choosing this
@@ -54,7 +74,7 @@
 remailer, and simulated the behaviour of the mix.
 
 
-(Len) Summary of what we have done
+% (Len) Summary of what we have done
 
 % (Len) Roadmap of the paper
 
@@ -62,9 +82,9 @@
 \label{mixes}
 
 Mixes are the essential building block to provide anonymous email
-services. A mix is a router that hides the correspondence between incoming
+services. A mix is a router that hides the relationship between incoming
 and outgoing messages. The mix changes the appearance and the flow of the
-messages. In order to change the appearance of the messages, the mix uses
+messages. In order to change the appearance of the messages the mix uses
 some techniques, such as padding and encryption, thus providing bitwise
 unlinkability between inputs and outputs. Techniques like reordering and
 delaying messages, and generating dummy traffic are used to modify the
@@ -73,20 +93,21 @@
 input and an output messages by looking at the time the message arrived to
 and left from the mix.
 
-The idea of mixes was introduced by Chaum \cite{chaum-mix}.  
-This first design was a \emph{threshold mix}, a mix that collects a
-certain number of messages and then flushes them. Since then, variants on
-this first design have been proposed in the literature. In this paper, we
-focus on two practical mix designs, which have been implemented and are
-part of the Mixmaster remailer network\cite{mixmaster-announce}, that has been
+The idea of mixes was introduced by Chaum \cite{chaum-mix}.  This first
+design was a \emph{threshold mix}, a mix that collects a certain number of
+messages and then flushes them. Since then, variants on this first design
+have been proposed in the literature. In this paper, we focus on two
+practical mix designs that have been implemented and are part of the
+Mixmaster remailer network\cite{mixmaster-announce}, which has been
 providing anonymous email services since 1995.
 
 The first design is called ``Mixmaster'' (as the remailer network) because
-it corresponds to the original design by Cottrell \cite{remailer-attacks,mixmaster-spec}.
-The second design, called ``Reliable'', uses a different reordering
-strategy.~\cite {RProcess} The details of the two remailers are explained
-in the following sections. We compare version 3.0 of the Mixmaster
-software and version 1.0.5 of Reliable.
+it is descended from the original software program designed by Cottrell
+\cite{remailer-attacks,mixmaster-spec}. The second design, called
+``Reliable'', uses a different reordering strategy.~\cite {RProcess} The
+details of the two remailers are explained in the following sections. We
+compare version 3.0 of the Mixmaster software and version 1.0.5 of
+Reliable.
 
 \subsection{Mixmaster}
 
@@ -100,7 +121,7 @@
   required\cite{remailer-attacks,mixminion}.}  
 is a \emph{pool} mix. Pool mixes process the messages in batches. They
 collect messages for some time, place them in the pool (memory of the
-mix), and select some of them for flushing (in random order) when the
+mix), and select some of them for flushing in random order when the
 flushing condition is fulfilled.
 Mixmaster is a timed mix which has a \emph{timeout} of 15
 minutes. During this period of time, it collects messages that are
@@ -139,10 +160,10 @@
 exponential distribution. The mix holds the message for the specified
 delay and then forwards it. The messages are reordered by the
 randomness of the delay distribution. This mix sends messages
-continuously: every time a message has been kept for the delay time,
+continuously: every time a message has been kept for the delay time
 it is sent by the mix.   
 
-Reliable inter-operates with Mixmaster on the protocol level by using the
+Reliable interoperates with Mixmaster on the protocol level by using the
 Mixmaster message format for packet transfer. Reliable uses a variant of
 the \emph{S-G Mix} design. In Reliable, the delay may be chosen by the
 user from an exponential distribution of mean one hour. If the user
@@ -162,8 +183,8 @@
 A dummy message is a \emph{fake} message introduced in the mix network
 in order to make it more difficult for an attacker to deploy attacks
 that can compromise the anonymity of a message. The dummy message is
-normally produced by the mixes, and they have as destination another
-mix, instead of a real recipient.
+normally produced by the mixes, and they select as destination another
+mix instead of a real recipient.
 
 Dummies are indistinguishable from real messages as they travel in the
 mix network. As they are introduced to prevent traffic analysis, the
@@ -197,9 +218,9 @@
 \section{Anonymity metrics}
 \label{metrics}
 
-In this section we introduce the anonymity metrics for mixes. We
-remark the particularities of some mix designs (binomial mixes and
-threshold mixes). Also, we present the attack model considered.
+In this section we introduce the anonymity metrics for mixes. We remark on
+the particularities of some mix designs (binomial mixes and threshold
+mixes). Also, we present the attack model which we have considered.
 
 \emph{Anonymity} was defined by Pfitzmann and K\"ohntopp
 \cite{Pfitzmann00} as \emph{``the state of being not identifiable within a
@@ -230,22 +251,22 @@
 possible outputs. 
 \\
 
-Note that in the two cases, the metric computes the anonymity of a
-\emph{particular} input or output message; it does not give a general
+Note that in these two cases, the metric computes the anonymity of a
+\emph{particular} input or output message, it does not give a general
 value for a mix design and it is dependent on the traffic pattern. The
 advantage of this property is that mixes may offer information about the
 \emph{current} anonymity they are providing. The disadvantage is that it
 becomes very difficult to compare theoretically different mix designs.
-Nevertheless, it is possible to measure on real systems (or simulate) the
-anonymity obtained for a large number of messages and provide comparative
-statistics, as we do in this paper.
+Nevertheless, it is possible to measure on real systems (or simulations)
+the anonymity obtained for a large number of messages and provide
+comparative statistics, as we do in this paper.
 
 In order to measure the Mixmaster's sender and recipient anonymity, we
 have applied the formulas provided by D\'iaz and Preneel in
 \cite{diaz_ih04}. The anonymity of Reliable has been measured using
 the formulas presented in Appendix~\ref{form-reliable}. Note that we
 could not apply the method used by Kesdogan \cite{stop-and-go} because
-we did not make any assumption on the distribution of the mix' incoming
+we did not make any assumption on the distribution of the mix's incoming
 traffic (Kesdogan assumes incoming Poisson traffic).  
 
 
@@ -261,15 +282,13 @@
 outgoing message. 
 
 
-\section{Simulators}
-\label{sims}
-We have implemented Java simulators for Reliable and Mixmaster. We
-have fed the simulated mixes with real input, obtained by logging a
-timestamp every time a message arrived to a working Mixmaster node
-(note that the information logged does not threaten the anonymity of
-the users of the mix). We have used four months of incoming traffic
-(July-November 2003) in order to obtain the results presented in
-Section~\ref{results}. 
+\section{Simulators} \label{sims} We have implemented Java simulators for
+Reliable and Mixmaster. We have fed the simulated mixes with real input,
+obtained by logging a timestamp every time a message arrived to a working
+Mixmaster node (note that the information we logged does not threaten the
+anonymity of the users of the mix). We have used four months of incoming
+traffic (July-November 2003) in order to obtain the results presented in
+Section~\ref{results}.
 
 In order to make a fair comparison, we have set the mean of the
 exponential delay of Reliable (default $1$ hour) to be the same as
@@ -536,16 +555,16 @@
 
 \section{Other factors which influence anonymity}
 
-We have evaluated the anonymity strength provided by the mixing algorithms
-chosen for both Mixmaster and Reliable. Additional
-factors have a direct impact on the anonymity provided by the system.
-Concerns such as the security of the underlying operating system, host
-server integrity, proper implementation of the cryptographic functions
-provided by the remailer software, and likelihood of administration
-mistakes all contribute to the overall anonymity these software packages
-can provide. We assume that no active attacks against the software
-occurred during the development or compilation process, though additional
-concerns are present in that area~\cite{trusting-trust}.
+We have evaluated the anonymity strength of the mixing algorithms
+implemented in Mixmaster and Reliable. Additional factors have a direct
+impact on the anonymity provided by the system. Concerns such as the
+security of the underlying operating system, host server integrity, proper
+implementation of the cryptographic functions provided by the remailer
+software, and likelihood of administration mistakes all contribute to the
+overall anonymity these software packages can provide. We assume that no
+active attacks against the software occurred during the development or
+compilation process, though additional concerns are present in that
+area~\cite{trusting-trust}.
 
 This paper does not aim to be an in-depth analysis of the full spectrum of
 host-attacks against remailer nodes, Nevertheless, it is important to

***********************************************************************
To unsubscribe, send an e-mail to majordomo@seul.org with
unsubscribe freehaven-cvs       in the body. http://freehaven.net/
Prev by Author: [freehaven-cvs] Fixed some typos, corrected bib errors.
Next by Author: [freehaven-cvs] Added Evelyne"s comments.
Previous by thread: [freehaven-cvs] Fixed some typos, corrected bib errors.
Next by thread: [freehaven-cvs] Added Evelyne"s comments.
Index(es):
- Author
- Thread