[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[freehaven-dev] (FWD) Re: paper comments - 1st impressions



----- Forwarded message from Michael J Freedman <mfreed@MIT.EDU> -----

Date: Sun, 25 Feb 2001 11:05:10 -0500
To: hopwood@zetnet.co.uk
From: Michael J Freedman <mfreed@MIT.EDU>
Subject: Re: paper comments - 1st impressions
Cc: freehaven@freehaven.net

>If N_i tries to send a message to N_{i+1} but cannot obtain a receipt,
>then instead of publishing the message, it sends it to all of the
>judges (if N_i cannot manage to contact any judges, then it should be
>considered unreliable, so it is OK that it does not obtain a receipt).
>
>Each judge then independently tries to send the message to N_{i+1}
>(who must provide a separate receipt for each connection). If a judge
>obtains a receipt, it sends it back to N_i. If N_i receives at least
>one valid receipt from a judge, it will store one of them as if it had
>obtained it directly from N_{i+1}. If a judge cannot obtain a receipt,
>it concludes that N_{i+1} was unreliable, and publishes that fact
>(here we are communicating the fact that N_{i+1} is unreliable to
>human listeners, rather than to programs, which allows use of various
>channels that are unlikely to all be attacked). If someone hears enough
>judges that they trust say that N_{i+1} is unreliable, they will
>believe that it is.


I'm a bit unconvinced that this is providing any real security.  (But I'm
really tired when reading this, so bear with me).

N_i sends to N_{i+1}
N_{i+1} sends a receipt back to N_i saying "I got it."
N_i is happy
N_{i+1} does nothing more

Doesn't the judges idea not help out from here on?

It sounds like the judges can provide a "reputation system" for honest,
unreliable mixnet nodes, while the ledger idea was to be used for dishonest
(unreliable) mixnet nodes.

But it's not quite that simple, 'cause honest nodes can also have a failure
mode whereby they send the "got it" receipt, then just crash, and (I
think?) we lose.

Am I missing something obvious?
--mike


-----
"Not all those who wander are lost."                  mfreed@mit.edu

----- End forwarded message -----