[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

[freehaven-cvs] More minor fixes. Last commit until morning.

To: freehaven-cvs@freehaven.net
Subject: [freehaven-cvs] More minor fixes. Last commit until morning.
From: rabbi@seul.org
Date: Thu, 16 Sep 2004 17:39:58 -0400 (EDT)
Delivered-to: archiver@seul.org
Delivered-to: freehaven-cvs-outgoing@seul.org
Delivered-to: freehaven-cvs@seul.org
Delivery-date: Thu, 16 Sep 2004 17:40:24 -0400
Reply-to: freehaven-dev@freehaven.net
Sender: owner-freehaven-cvs@freehaven.net

Update of /home2/freehaven/cvsroot/doc/pynchon-gate
In directory moria.mit.edu:/tmp/cvs-serv26701

Modified Files:
	pynchon.tex 
Log Message:
More minor fixes. Last commit until morning.


Index: pynchon.tex
===================================================================
RCS file: /home2/freehaven/cvsroot/doc/pynchon-gate/pynchon.tex,v
retrieving revision 1.27
retrieving revision 1.28
diff -u -d -r1.27 -r1.28
--- pynchon.tex	16 Sep 2004 21:08:14 -0000	1.27
+++ pynchon.tex	16 Sep 2004 21:39:56 -0000	1.28
@@ -1,15 +1,16 @@
 \documentclass[runningheads]{llncs}
 %
 % TODO:
-%   - Revise design section, make it correct.
-%   - Add figures for design.
-%   - Add performance section.
-%   - Compute and add results for statistical disclosure section.
-%   - ????
+%   - Revise design section, make it correct. (NM, LS)
+%   - Add figures for design. (LS, mockups from NM?)
+%   - Add performance section. (NM)
+%   - Compute and add results for statistical disclosure section. (NM)
+%   - Write conclusion. (LS)
+%   - Finish "known attacks" section. (LS)
 %
-%   - Proofread more
+%   - Proofread more (LS, NM)
 %   - Get it under 15 pages, if needed.
-%   - Submit.
+%   - Submit. (LS)
 
 \usepackage{url}
 \usepackage{graphics}
@@ -221,13 +222,13 @@
 networks~\cite{danezis-pet2004,gd-thesis,mixmaster-reliable}.
 
 \subsubsection{Network-level server anonymity.}
-The second generation implementation of Onion Routing~\cite {tor-design}
-implements rendezvous points~\cite {ian-thesis} that
-allow users to offer location-hidden services. A user wishing to
-anonymously receive messages could use this to receive mail at a hidden
-location: Messages would be delivered to the server over
-the Onion Routing network, and successful delivery would not require the
-sender to know the IP address of the destination server.
+The second generation implementation of Onion Routing, Tor~\cite
+{tor-design}, implements rendezvous points~\cite {ian-thesis} that allow
+users to offer location-hidden services. A user wishing to anonymously
+receive messages could use this to receive mail at a hidden location:
+Messages would be delivered to the server over the Onion Routing network,
+and successful delivery would not require the sender to know the IP
+address of the destination server.
 
 Rendezvous points offer an alternative method of leveraging network-level
 anonymity systems for anonymous mail receipt; however, they do not address
@@ -261,7 +262,9 @@
 %implementation security of the ElGamal cryptosystem remain.}
 %
 %% I think the thing above is kinda FUDdy -- the entire anonymity field is
-%% less well analyzed than the discrete log problem.
+%% less well analyzed than the discrete log problem. (NM)
+%%
+%% I agree we should take this out. (LS)
 
 \subsubsection{Broadcast messages and dead-drops.}
 Chaum discusses a traffic-analysis prevention method wherein all reply
@@ -294,35 +297,38 @@
 \subsection{Known attacks against pseudonymity systems}
 \label{subsec:known-attacks}
 %XXXX writeme
-We discuss the security implications in pesudonymity systems throughout
+We discuss the security implications in pseudonymity systems throughout
 this paper. Most attacks on pseudonymity systems fall into one of the
 following categories.
 
-Legal and hacking attacks. Attackers may attempt to coerce the operators
-of pseudonymity systems through lawsuits or other means, or may attempt to
-surreptitiously obtain information about nym-holders. Systems should be
-designed so that such information cannot be obtained.
+\subsubsection{Legal and hacking attacks.}
+ Attackers may attempt to coerce the operators of pseudonymity systems
+through lawsuits or other means, or may attempt to surreptitiously obtain
+information about nym-holders. Systems should be designed so that such
+information cannot be obtained.
 
-Mix attacks. Systems based on the mix-net primative must be concerned with
-attacks against the underlying mix-network, as they rely upon it for
-security. Additionally, reply-block-based nym server systems require
-additional security properties that normal mix-net systems may not
-have~\cite{minx}.
+\subsubsection{Mix attacks.} 
+Systems based on the mix-net primative must be concerned with attacks
+against the underlying mix-network, as they rely upon it for security.
+Additionally, reply-block-based nym server systems require additional
+security properties that normal mix-net systems may not have~\cite{minx}.
 
-Replay attacks. An attacker capable of monitoring the communications
-network may attempt to obtain information about nym holders by comparing
-network and user behavior when a given message or packet is transmitted
-multiple times.
+\subsubsection{Replay attacks.}
+An attacker capable of monitoring the communications network may attempt
+to obtain information about nym holders by comparing network and user
+behavior when a given message or packet is transmitted multiple times.
 
-Who am I? attack. An attacker may send messages intended for nym Alice
-intended fo nym Bob, in order to confirm that Alice and Bob are the same
+\subsubsection{{\it Who am I?} attack.} 
+An attacker may send messages intended for nym Alice intended fo nym Bob,
+in order to confirm that Alice and Bob are the same
 nym-holder~\cite{gd-thesis}.
 
-Usage pattern and intersection attacks. An attacker may analyze network
-usage and anonymity set members over time to sub-divide anonymity sets
-such that a given user is identified.
+\subsubsection{Usage pattern and intersection attacks.}
 
-Statistical-disclosure attacks.
+An attacker may analyze network usage and anonymity set members over time
+to sub-divide anonymity sets such that a given user is identified.
+
+\subsubsection{Statistical-disclosure attacks.}
 
 \subsection{Statistical disclosure against reply-block-based nym servers}
 \label{subsec:disclosure}
@@ -523,7 +529,7 @@
 will contain the desired message or messages.
 
 To prevent man-in-the-middle attacks, TLS is used as the protocol's
-transport layer~\cite{rfc-2249}. Users negotiate a TLS connection with a
+transport layer~\cite{rfc-2246}. Users negotiate a TLS connection with a
 given distributor, and then relay PIR messages as described. The
 connection is authenticated using a certificate in a two-level certificate
 chain. The top-level certificate is a self-signed long-term certificate
@@ -659,6 +665,7 @@
 
 \section{A Note on Usability}
 %XXXX Merge into conclusion, where we evaluate our success.
+%XXXX I don't mind chopping this whole section out if we need to. -LS.
 
 The most popular pseudonym system ever deployed was {\tt
 anon.penet.fi}~\cite{helsingius}. This system provided users with an easy,

***********************************************************************
To unsubscribe, send an e-mail to majordomo@seul.org with
unsubscribe freehaven-cvs       in the body. http://freehaven.net/

Prev by Author: [freehaven-cvs] Protocol clarification.
Next by Author: [freehaven-cvs] Update attacks section, mention Free Haven, fix prot...
Previous by thread: [freehaven-cvs] Add TODO to top of file
Next by thread: [freehaven-cvs] a typo i noticed
Index(es):
- Author
- Thread