[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: Topic of a diploma



On Wed, Jan 02, 2008 at 10:59:44AM -0500, Nick Mathewson wrote:
> 
> You might also check out other related papers on anonbib; there's some
> good research been happening in the last few years.  IMO, new defenses
> are generally more interesting than new attacks, since the attacks are
> already so good that new, equally good attacks aren't very impressive.
> 

I agree that attacks are far enough ahead of defenses that this is
where immediate need seems greatest (also where it seems hardest).
And, unlike the rest of computer security, a substantial defensive
result here would probably get more attention in the anonymity
research community than yet another attack.  That said, I disagree
that "attacks are already so good that new, equally good attacks
aren't very impressive".  The threat side is still sufficiently
uncharted that it is very important to keep developing it. Otherwise
we run the risk of investing a lot of effort into getting specific
defenses against known attacks only to be blown out of the water by
something "equally good" because a comprehensive response was
needed. This is always a risk in security, but anonymity (and
low-latency anonymity in particular) is still immature enough that it
remains especially true here. Another attack that is a small variant
of a type that is well understood and researched is not very
interesting, but I think lots more basic attack research remains to be
done.

aloha,
Paul