Documenti di Didattica
Documenti di Professioni
Documenti di Cultura
Types of Anonymity
Pseudonymity
Susceptible to subpoenas
Sender
Receiver / observer cant
identify sender
Receiver
Observer cant identify receiver
Sender-receiver
Observer cant identify that
communication has been sent
Uses of Anonymity
Positive
Free speech for political claims as well as non-political
comments
engage in whistle-blowing
conduct commercial transactions
freedom from detection, retribution, and embarrassment
New York Times Co. vs. Sullivan, 1964
"an author's decision to remain anonymous...is an aspect
of the freedom of speech protected by the First
Amendment"
Uses of Anonymity
Negative
Spam
DoS -
Illegal activity anonymous bribery, copyright
infringement, harassment, financial scams,
disclosure of trade secrets
Assumptions
Weak attacker
Eavesdrops on first and last hop
Can introduce messages here
Strong attacker
Eavesdrops on all links
Can introduce messages anywhere
Attacker has finite time, computing power
Multiple users
Types of Attackers
Local eavesdropper
Observes inbound and outbound messages on
users computer
Administrator
Operator or group of operators of anonymizing
systems attempting to foil their own system
Remote attack
Observation at the remote end by eavesdropper or
attack by the remote host
Attacks
Beyond Suspicion
Attacker can see evidence of a sent message, but the sender appears no
more likely to be the originator than any other potential sender in the system
Probable Innocence
The sender is more likely the originator than any other potential sender, but
there is equal likelihood the sender is not the originator
Possible Innocence
The sender appears more likely to be the originator than to not be the
originator, but theres still a non-trivial probability that the originator is
someone else
Capabilities
2.
Mix 3 Mix 4
1. A1, C1(A3, C3(A2, C2(S, M, r2), r3), r1) 3. A2, C2(S, M, r2)
2. A3, C3(A2, C2(S, M, r2), r3) 4. S, M
Mixes
Decentralized
Harder to attack
Allows choice of tradeoff between anonymity /
throughput
Encrypted with public key of each node in route
Nodes change packet order
Fixed message size
Users have broadcast map and route map
Noise packets counter statistical traffic analysis
User A
User B
Hash of Users public key provides choice of groups.
User A can send an anonymous message to User B via group */0, 1/1, 111/3, etc
01/2 is a subset of */0 more efficient but less anonymous
User A can route messages between 00/2 and 01/2
P5