[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
[freehaven-cvs] Write sketches/drafts of remaining sections.
Update of /home/freehaven/cvsroot/doc/fc04
In directory moria.mit.edu:/tmp/cvs-serv24176
Modified Files:
minion-systems.bib minion-systems.tex
Log Message:
Write sketches/drafts of remaining sections.
Index: minion-systems.bib
===================================================================
RCS file: /home/freehaven/cvsroot/doc/fc04/minion-systems.bib,v
retrieving revision 1.1
retrieving revision 1.2
diff -u -d -r1.1 -r1.2
--- minion-systems.bib 8 Sep 2003 21:18:24 -0000 1.1
+++ minion-systems.bib 8 Sep 2003 22:22:03 -0000 1.2
@@ -20,7 +20,7 @@
}
@Misc{mixminion-spec,
- author = {Mixminion},
+ author = {George Danezis and Roger Dingledine and Nick Mathewson},
title = {Type {III} ({M}ixminion) Mix Protocol Specifications},
note = {\newline \url{http://mixminion.net/minion-spec.txt}},
}
Index: minion-systems.tex
===================================================================
RCS file: /home/freehaven/cvsroot/doc/fc04/minion-systems.tex,v
retrieving revision 1.2
retrieving revision 1.3
diff -u -d -r1.2 -r1.3
--- minion-systems.tex 8 Sep 2003 21:39:18 -0000 1.2
+++ minion-systems.tex 8 Sep 2003 22:22:03 -0000 1.3
@@ -74,7 +74,7 @@
These attacks are certainly feasible today. On the simplest level,
corporate website administrators routinely survey logs to learn which
competitors and customers have viewed which parts of their websites,
-and how often. The more sophisticated attcaks are almost certainly
+and how often. The more sophisticated attacks are almost certainly
within capabilities of the NSA-supported ECHELON eavesdropping system
(which has been probably used to advance the commercial interests of
its sponsor nations) [XXXX must confirm this], or the capabilities of
@@ -85,11 +85,59 @@
defeat traffic analysis. We focus on Mixminion, an open-source
application with a deployed research network.
+[XXXX What about pseudonymity?]
+
+[XXXX We never mention that anonymity = traffic analysis
+ resistance. Uh oh!]
+
\subsection{Related work}
+David Chaum launched the study of anonymous communications in 1982,
+with his design for a network of anonymizing servers or ``Mixes''
+\cite{chaum-mix}. In Chaum's design, message senders public-key
+encrypt their messages to a sequence of servers, then send the
+messages to the first server in the sequence. Each server in turn
+removes a layer of encryption from the messages, waits until enough
+messages have been received, then re-orders the messages and sends
+them to the next server in the sequence. If any server in the
+sequence correctly hides connections between incoming and outgoing
+messages, an eavesdropper should not be able to connect senders to
+recipients.
+
+The first widely deployed mix net was [XXXX describe cypherpunks and
+ Mixmaster.]
+
+In parallel with the evolution of mix nets for mail-like
+communication, other work has progressed on systems suitable for
+faster communication. [XXXX mention anonymizer and friends, freedom
+and friends, and of course onion routing.] While these system are
+more suited for low-latency applications such as web browsing,
+chatting, and VoIP, they are more vulnerable to certain attacks than
+are traditional high-latency mix-net designs. Specifically, if an
+eavesdropper can observe both sides of the communication, watching the
+timing of message sending and delivery will quickly reveal linkage
+between senders and recipients. Although these systems prevent
+certain kinds of traffic analysis, they cannot defend against an
+adversary with significant COMINT abilities.
\section{Mixminion: Open source strong anonymity}
+Mixminion is the reference implementation of the Type III mix-net,
+which was first designed between 2001 and 2002 to address the (few)
+weaknesses of Type II, while obviating the need for Type I by
+reintroducing reply messages. Its design was first published in
+\cite{minion-design}; its specification is publicly available
+\cite{mixminion-spec}.
+
+The Type III mix-net design improves on previously deployed designs
+as follows:
+\begin{itemize}
+\item {\bf Secure single-use reply blocks, with indistinguishable replies.}
+\item {\bf Forward-secure, email-independent transfer protocol.}
+\item {\bf Integrated directory design.}
+\item {\bf Replay prevention and integrated key rotation.}
+\item {\bf Dummy traffic}
+\end{itemize}
+[XXXX say more, of course.]
-\section{Status and future work}
The first public version of Mixminion was released in December of
2002. Since then, we have grown a deployed network of 22 testing
servers,\footnote{As of 8 September 2003.} operated by volunteers in
@@ -98,7 +146,8 @@
reassembly, address blocking, reliable message delivery, and an
automated server directory with key rotation.
-Before Mixminion is ready for broad-scale user adoption, however, more
+\section{Future work}
+Before Mixminion is ready for broad-scale user adoption more
work remains, both in research and in implementation. The largest
areas ahead are, broadly:
\begin{itemize}
@@ -121,7 +170,7 @@
server, the server is not yet implemented.
\item {\bf Abuse prevention.} One of the best ways to attack users'
anonymity is by mounting a denial of service attack against some or
- all of the Type III remailer network, in order to force users onto
+ all of the Type III mix-net, in order to force users onto
compromised servers, or to force them to use insecure
channels. [XXXX say more.]
\item {\bf Enterprise integration.} The current implementation,
***********************************************************************
To unsubscribe, send an e-mail to majordomo@seul.org with
unsubscribe freehaven-cvs in the body. http://freehaven.net/