[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
[freehaven-cvs] Add a footnote; tighten some prose in the first half...

To: freehaven-cvs@freehaven.net
Subject: [freehaven-cvs] Add a footnote; tighten some prose in the first half...
From: nickm@seul.org (Nick Mathewson)
Date: Mon, 3 May 2004 22:53:52 -0400 (EDT)
Delivered-to: archiver@seul.org
Delivered-to: freehaven-cvs-outgoing@seul.org
Delivered-to: freehaven-cvs@seul.org
Delivery-date: Mon, 03 May 2004 22:54:38 -0400
Reply-to: freehaven-dev@freehaven.net
Sender: owner-freehaven-cvs@freehaven.net
Update of /home/freehaven/cvsroot/doc/e2e-traffic
In directory moria.mit.edu:/tmp/cvs-serv32725

Modified Files:
	e2e-traffic.tex 
Log Message:
Add a footnote; tighten some prose in the first half; finalize some graphs

Index: e2e-traffic.tex
===================================================================
RCS file: /home/freehaven/cvsroot/doc/e2e-traffic/e2e-traffic.tex,v
retrieving revision 1.54
retrieving revision 1.55
diff -u -d -r1.54 -r1.55
--- e2e-traffic.tex	3 May 2004 00:10:22 -0000	1.54
+++ e2e-traffic.tex	4 May 2004 02:53:50 -0000	1.55
@@ -56,13 +56,13 @@
 by describing how an
 eavesdropper can learn sender-receiver connections even when the substrate
 is a network of pool mixes, the attacker is non-global, and senders have
-complex behavior including generating padding messages.
+complex behavior or generate padding messages.
 Additionally, we describe how an attacker can use information about
 message distinguishability to speed the attack.
 We simulate our attacks for a variety of
 scenarios, focusing on the amount of information needed to link senders
 to their recipients. In each scenario, we show that the intersection
-attack is slowed but still succeeds against a steady-state mixnet. We
+attack is slowed but still succeeds against a steady-state mix network. We
 find that the attack takes an impractical amount of time when message
 delivery times are highly variable; when the attacker can observe very
 little of the network; and when users pad consistently and the adversary
@@ -124,12 +124,12 @@
   asynchronous batching) to relay her messages through a succession of
   mixes, instead of using just a single mix.
 \item Alice disguises when she is sending real messages by sending
-  padding traffic to mix nodes in the network.
+  padding traffic to be dropped by mix nodes in the network.
 \item The attacker can only view a subset of the messages entering and
   leaving the network (so long as this subset includes some messages
   from Alice and some messages to Alice's recipients).
 \item The cover traffic generated by other senders changes
-  slowly over time.  (We do not address this case completely).
+  slowly over time.  (We do not address this case completely.)
 \end{tightlist}
 Each deviation from the original
 model reduces the rate at which the attacker learns Alice's recipients, and
@@ -138,8 +138,9 @@
 Additionally, we show how an attacker can exploit additional knowledge, such
 as distinguishability between messages, to speed these attacks.  For example,
 an attacker who sees message contents can take into account whether messages
-are written in the same language or signed by the same pseudonym, to
-partition them into different classes and analyze the classes independently.
+are written in the same language or signed by the same pseudonym, and thereby
+partition messages into different classes and analyze the classes
+independently.
 %\item {\it A priori} suspicion of certain messages having originated
 %  or not originated from Alice.  For example, messages written in a
 %  language Alice doesn't speak are unlikely to have been written
@@ -155,7 +156,7 @@
     % in the abstract. guess we'll wait to see if we do. -RD
 \item The attacker cannot observe how the network behaves in Alice's
   absence. If Alice always sends the same number of messages, in
-  every round, forever, the attacker may not be able to learn who receives
+  every round, forever, a passive attacker cannot learn who receives
   messages in Alice's absence.
   %% Our preliminary results suggest that this effect can be achieved with
   %% significantly less padding.
@@ -201,9 +202,9 @@
 likely to leave.
 
 Another class of anonymity designs aims to provide low-latency
-connections for web browsing and other interactive activities
-\cite{web-mix:pet2000,freedom2-arch,tor-design,or-jsac98},
-but we do not address them in this paper because short-term timing and packet
+connections for web browsing and other interactive services
+\cite{web-mix:pet2000,freedom2-arch,tor-design,or-jsac98}.
+We do not address these systems here because short-term timing and packet
 counting attacks seem sufficient against them \cite{SS03}.
 
 Attacks against mix networks aim to reduce the anonymity of users by
@@ -249,7 +250,7 @@
 A sender can also conceal whether she is currently active by consistently
 sending decoy (dummy) traffic. Pipenet \cite{pipenet} conceals
 traffic patterns by constant padding on every link. Unfortunately, a
-single user can shut down the network simply by not sending.
+single user can shut down this network simply by not sending.
 %%Backing
 %%off even a little bit from this constant-padding scheme has been thought to
 %%allow the
@@ -306,7 +307,7 @@
 \subsection{The statistical disclosure attack}
 \label{subsec:statistical-disclosure}
 In 2003, Danezis presented the statistical disclosure
-attack\cite{statistical-disclosure}, which makes the same operational
+attack \cite{statistical-disclosure}, which makes the same operational
 assumptions as the original disclosure attack but is far easier to implement
 in terms of storage, speed, and algorithmic complexity.  Unlike its
 predecessor, statistical disclosure only reveals {\it likely} recipients; it
@@ -317,7 +318,8 @@
 probability of Alice sending a message to each of the $N$ recipients
 in the system.  The elements of $\V{v}$ corresponding to Alice's $m$
 recipients will be $1/m$; the other $N-m$ elements of $\V{v}$ will
-be $0$.  We model the behavior of the covering traffic sent by other users
+be $0$.  We model the behavior of the covering ``background'' traffic
+sent by other users
 as a known vector $\V{u}$ each of whose $N$ elements is $1/N$.
 
 The attacker derives from each output round $i$ an observation vector
@@ -504,10 +506,16 @@
 \subsubsection{Dummy traffic:}
 %\label{subsubsec:dummy-traffic}
 Alice can also reduce the impact of traffic analysis by
-periodically sending messages into the network that are dropped inside
+periodically sending messages that are dropped
+  inside\footnote{Alice might
+  also send dummy traffic to ordinary recipients.  This approach
+  has its problems: how is Alice to generate cover texts, or get the list of
+  all possible recipients?  In any case, it is
+  unclear whether Alice can obscure her true recipients without sending equal
+  volumes of mail to all of her non-recipients as well, which is impractical.}
 the network.
 
-Although these methods can slow or stop the attacker (as
+Although this padding can slow or stop the attacker (as
 discussed below in Section \ref{sec:simulation}), the change in the attack
 is trivial: Alice's behavior
 vector $\V{v}$ no longer adds to $1$, since there is now a chance that a
@@ -618,13 +626,13 @@
 
 \subsection{Strengthening the attack}
 \label{subsec:strenghtening}
-Section \ref{subsec:broadening} showed how to extend the original
-statistical disclosure attack to reveal sender--recipient links in a
+Section \ref{subsec:broadening} extended the original
+statistical disclosure attack to link senders and recipients in a
 broader range of circumstances.
 %In Section~\ref{sec:simulation} we will
 %show that these extensions force the attacker to observe an increasingly
 %large number of rounds of traffic.
-In this section, rather than broadening the attack,
+In this section,
 %to work in new situations
 %(at the expensive of needing increased traffic)
 we discuss ways to reduce the required amount of traffic
@@ -659,9 +667,9 @@
 documents written with the same version of MS Word are more likely to be
 written by the same sender than two messages selected at
 random.\footnote{Encrypting all messages end-to-end would address most of
-  these attacks, but is often difficult in practice.  Most recipients do not
-  run anonymity software, and many don't have support for encrypted
-  email or encrypted SMTP links.  Thus, many messages still leave today's mix
+  these attacks, but is difficult in practice.  Most recipients do not
+  run anonymity software, and many don't support encrypted
+  email. Thus, many messages still leave today's mix
   networks in plaintext. Furthermore, today's most popular encryption
   standards (such as PGP and SMIME) have enough variation for an attacker to
   tell which implementations could have generated a given message.}
@@ -1025,7 +1033,7 @@
 have room for improvement. Real users probably do not send
 messages with a time-invariant geometric distribution: most people's email
 habits are based on a 24-hour day, and a 7-day week.  Early research on
-traffic patterns in actual mix-nets \cite{mixvreliable} suggests that this
+traffic patterns in actual mix networks \cite{mixvreliable} suggests that this
 variation is probably significant.
 
 Second, {\bf real user behavior changes over
@@ -1169,4 +1177,4 @@
 
 % 'In order to' -> 'to'
 % very -> damn -> ''
-%
+% mix network, not mix-net, not mixnet. 
\ No newline at end of file

***********************************************************************
To unsubscribe, send an e-mail to majordomo@seul.org with
unsubscribe freehaven-cvs       in the body. http://freehaven.net/
Prev by Author: [freehaven-cvs] Add a footnote; tighten some prose in the first half...
Next by Author: [freehaven-cvs] Last edits; make compressed graphs readable.
Previous by thread: [freehaven-cvs] Add a footnote; tighten some prose in the first half...
Next by thread: [freehaven-cvs] Last edits; make compressed graphs readable.
Index(es):
- Author
- Thread