[freehaven-cvs] Write sketches/drafts of remaining sections.

[nickm@seul.org (Nick Mathewson)]

Update of /home/freehaven/cvsroot/doc/fc04
In directory moria.mit.edu:/tmp/cvs-serv24176

Modified Files:
	minion-systems.bib minion-systems.tex 
Log Message:
Write sketches/drafts of remaining sections.

Index: minion-systems.bib
===================================================================
RCS file: /home/freehaven/cvsroot/doc/fc04/minion-systems.bib,v
retrieving revision 1.1
retrieving revision 1.2
diff -u -d -r1.1 -r1.2
--- minion-systems.bib	8 Sep 2003 21:18:24 -0000	1.1
+++ minion-systems.bib	8 Sep 2003 22:22:03 -0000	1.2
@@ -20,7 +20,7 @@
 }
 
 @Misc{mixminion-spec,
-   author =      {Mixminion},
+   author =      {George Danezis and Roger Dingledine and Nick Mathewson},
    title =       {Type {III} ({M}ixminion) Mix Protocol Specifications},
    note =        {\newline \url{http://mixminion.net/minion-spec.txt}},
 }

Index: minion-systems.tex
===================================================================
RCS file: /home/freehaven/cvsroot/doc/fc04/minion-systems.tex,v
retrieving revision 1.2
retrieving revision 1.3
diff -u -d -r1.2 -r1.3
--- minion-systems.tex	8 Sep 2003 21:39:18 -0000	1.2
+++ minion-systems.tex	8 Sep 2003 22:22:03 -0000	1.3
@@ -74,7 +74,7 @@
 These attacks are certainly feasible today.  On the simplest level,
 corporate website administrators routinely survey logs to learn which
 competitors and customers have viewed which parts of their websites,
-and how often.  The more sophisticated attcaks are almost certainly
+and how often.  The more sophisticated attacks are almost certainly
 within capabilities of the NSA-supported ECHELON eavesdropping system
 (which has been probably used to advance the commercial interests of
 its sponsor nations) [XXXX must confirm this], or the capabilities of
@@ -85,11 +85,59 @@
 defeat traffic analysis.  We focus on Mixminion, an open-source
 application with a deployed research network.
 
+[XXXX What about pseudonymity?]
+
+[XXXX We never mention that anonymity = traffic analysis
+  resistance. Uh oh!]
+
 \subsection{Related work}
+David Chaum launched the study of anonymous communications in 1982,
+with his design for a network of anonymizing servers or ``Mixes''
+\cite{chaum-mix}.  In Chaum's design, message senders public-key
+encrypt their messages to a sequence of servers, then send the
+messages to the first server in the sequence.  Each server in turn
+removes a layer of encryption from the messages, waits until enough
+messages have been received, then re-orders the messages and sends
+them to the next server in the sequence.  If any server in the
+sequence correctly hides connections between incoming and outgoing
+messages, an eavesdropper should not be able to connect senders to
+recipients.
+
+The first widely deployed mix net was [XXXX describe cypherpunks and
+  Mixmaster.]
+
+In parallel with the evolution of mix nets for mail-like
+communication, other work has progressed on systems suitable for
+faster communication.  [XXXX mention anonymizer and friends, freedom
+and friends, and of course onion routing.]  While these system are
+more suited for low-latency applications such as web browsing,
+chatting, and VoIP, they are more vulnerable to certain attacks than
+are traditional high-latency mix-net designs.  Specifically, if an
+eavesdropper can observe both sides of the communication, watching the
+timing of message sending and delivery will quickly reveal linkage
+between senders and recipients.  Although these systems prevent
+certain kinds of traffic analysis, they cannot defend against an
+adversary with significant COMINT abilities.
 
 \section{Mixminion: Open source strong anonymity}
+Mixminion is the reference implementation of the Type III mix-net,
+which was first designed between 2001 and 2002 to address the (few)
+weaknesses of Type II, while obviating the need for Type I by
+reintroducing reply messages.  Its design was first published in
+\cite{minion-design}; its specification is publicly available
+\cite{mixminion-spec}.
+
+The Type III mix-net design improves on previously deployed designs
+as follows:
+\begin{itemize}
+\item {\bf Secure single-use reply blocks, with indistinguishable replies.}
+\item {\bf Forward-secure, email-independent transfer protocol.}
+\item {\bf Integrated directory design.}
+\item {\bf Replay prevention and integrated key rotation.}
+\item {\bf Dummy traffic}
+\end{itemize}
+[XXXX say more, of course.]
 
-\section{Status and future work}
 The first public version of Mixminion was released in December of
 2002.  Since then, we have grown a deployed network of 22 testing
 servers,\footnote{As of 8 September 2003.} operated by volunteers in
@@ -98,7 +146,8 @@
 reassembly, address blocking, reliable message delivery, and an
 automated server directory with key rotation.
 
-Before Mixminion is ready for broad-scale user adoption, however, more
+\section{Future work}
+Before Mixminion is ready for broad-scale user adoption more
 work remains, both in research and in implementation.  The largest
 areas ahead are, broadly:
 \begin{itemize}
@@ -121,7 +170,7 @@
   server, the server is not yet implemented.
 \item {\bf Abuse prevention.} One of the best ways to attack users'
   anonymity is by mounting a denial of service attack against some or
-  all of the Type III remailer network, in order to force users onto
+  all of the Type III mix-net, in order to force users onto
   compromised servers, or to force them to use insecure
   channels. [XXXX say more.]
 \item {\bf Enterprise integration.}  The current implementation,

***********************************************************************
To unsubscribe, send an e-mail to majordomo@seul.org with
unsubscribe freehaven-cvs       in the body. http://freehaven.net/