[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

[freehaven-cvs] keep poking at section 2.3. still not happy with it.

To: freehaven-cvs@xxxxxxxxxxxxx
Subject: [freehaven-cvs] keep poking at section 2.3. still not happy with it.
From: arma@xxxxxxxx
Date: Fri, 10 Mar 2006 19:58:15 -0500 (EST)
Delivered-to: archiver@seul.org
Delivered-to: freehaven-cvs-outgoing@seul.org
Delivered-to: freehaven-cvs@seul.org
Delivery-date: Fri, 10 Mar 2006 19:58:21 -0500
Reply-to: freehaven-dev@xxxxxxxxxxxxx
Sender: owner-freehaven-cvs@xxxxxxxxxxxxx

Update of /home/freehaven/cvsroot/doc/alpha-mixing
In directory moria:/home/arma/work/freehaven/doc/alpha-mixing

Modified Files:
	alpha-mixing.tex 
Log Message:
keep poking at section 2.3. still not happy with it.


Index: alpha-mixing.tex
===================================================================
RCS file: /home/freehaven/cvsroot/doc/alpha-mixing/alpha-mixing.tex,v
retrieving revision 1.22
retrieving revision 1.23
diff -u -d -r1.22 -r1.23
--- alpha-mixing.tex	11 Mar 2006 00:53:45 -0000	1.22
+++ alpha-mixing.tex	11 Mar 2006 00:58:13 -0000	1.23
@@ -348,25 +348,25 @@
 attacker has used this fact to form his judgement. In order to avoid
 this, we must (paradoxically!) ignore this fact completely and pick
 alphas from a distribution which is independent of the receiver and
-the message's content. (Of course, this
-distribution can still be conditional on the utility
-function.)
+the message's content. Of course, we cannot defeat this attack entirely
+because the sender's distribution will still be
+conditional on her utility function: messages from users with higher
+security needs will in fact still behave differently.
 
-Of course, there are still external factors to consider.
-We'd like to go a step further and make the sender's software
-enforce that he doesn't vary alpha based on the receiver or message
-content.
-Indeed, we can go a step further and design the software so that the
-sender can not influence his choice of 
+There are still external factors to consider. We'd like to
+go a step further and make the sender's software enforce that she doesn't
+vary alpha based on each message's receiver or content. This approach
+would best convince the attacker that the sender \emph{could not} have
+changed it.
+Also, if a given user is the only sender with extremely
+high alpha values, then intersection attacks over time (watching the
+high-value messages and what senders were active before each) will
+reveal her. But we will ignore these black-box network attacks since
+they are not the focus of this paper.
 
-one must convince the jury that the sender *could
-not* have picked the alphas any other way (otherwise those with high
-latency/security tradeoff will be more likely to be suspected of dodgy
-things as is indeed the case in practice as no doubt every anonymity
-researcher has experienced. In anonymity language, the attacker will
-try determine the sender's security parameter by mounting an
-intersection attack. We will see that some alpha strategies are more
-effective at combatting this than others.
+Below we will see that some strategies for choosing the alpha values are
+more effective than others at preventing the attacker from learning the
+security preferences of senders.
 
 \section{Distributing $\sum \alpha$ against a distributed adversary}
 \label{sec:distributing-alpha}

***********************************************************************
To unsubscribe, send an e-mail to majordomo@xxxxxxxx with
unsubscribe freehaven-cvs       in the body. http://freehaven.net/

Prev by Author: [freehaven-cvs] oh, and remove the decoy section too
Next by Author: [freehaven-cvs] happier with 2.2 and 3 now
Previous by thread: [freehaven-cvs] Coclusion
Next by thread: [freehaven-cvs] Minor in the conclusion
Index(es):
- Author
- Thread