Interesting research. We won't know how impressive it is until the kinds of people that break Tor give it a thorough analysis. Otherwise, it might be a scheme that simply de-anonymizes users faster than the competition. I'll add that combining anonymity and performance seems to be one of the hardest security problems to get right with so much left to learn. So, I don't trust anything that does that, including Tor.
Asynchronous, non-real-time schemes that look like vanilla web traffic are the best. Especially using covert channels. However, my method is to do face-to-face with possible and otherwise use burner PC's, LiveCD's, and random Wifi hotspots. Tor or proxies optionally as extra layer of difficulty depending on what I'm doing.
"Asynchronous, non-real-time schemes that look like vanilla web traffic are the best."
It's a shame that high-latency mix networks died out with Mixminion [1] a few years ago. There's a lot of interesting research that never got implemented, that would, in my opinion, bring us a lot closer to truly anonymous email.
If this is a topic you find interesting, take a look at the Pynchon Gate [2]. It's a private information retrieval system, proposed by Sassaman (Mixmaster), Cohen (Bittorrent), and Nick Mathewson (Tor), that had a lot of interesting ideas about how to facilitate the anonymous retrieval of email.
It was never implemented, but it's a very approachable paper that serves as an excellent introduction to the incredible world of anonymity networks.
Oh yeah, good ole Mixminion. Yeah, the mix networks were the most promising. Thanks for the paper. That sure is a near-dream team of writers. I'll read it later.
No problem! I could talk for hours about mix networks. If you enjoy that paper, there's a few follow-up papers they wrote that examine some possible threat vectors and possible solutions. All in all, it's a very interesting system.
If you're ever looking for more reading on the subject, I'd recommend all of the starred papers on Free Haven [1]
Oh I love that site. Periodically skim it for interesting reads. Btw, is there a way to contact you or a place you usually frequent if I do get involved in a mix project? My limited resources and memory troubles make it unlikely. However, if I or someone I meet is into it then it would help to have someone that can bring people up to speed on the subject.
>I'll add that combining anonymity and performance seems to be one of the hardest security problems to get right with so much left to learn.
A certain penalty in both available bandwidth and latency seems unavoidable in any distributed onion anonymization system, but one practical issue may actually be something that I think doesn't get brought up nearly often enough in this context: a plain and simple lack of raw bandwidth. In other words, more practical anonymity would be yet another emergent benefit/application of near universal FTTH gigabit+ class connections. While some applications can use as much bandwidth and as low latency as it's possible to provide, many popular, commonly used ones on the present Internet instead have a value beyond which there are few further benefits. One of the hungrier applicatinos for example is streaming video, but once someone is stably hitting ~50-100 Mbps they're already at what a full quality Blu-ray would offer, even without H.265, and with H.265 even 4K is going to look pretty great.
So if a given anonymity network had an overall overhead of 90%, or even 95%, well that's certainly significant. But at the same time if someone has 1 Gbps to throw at it, then even 5-10% remaining would still result in more effective bandwidth available then large percentages of the population have raw right now, and more importantly enough for most of the current popular web applications. It would also have additional implications for the health and participation rates of the anonymity network, particular given that fiber links are symmetrical. These networks in general needs significant donations of bandwidth on the part of users to work effectively. When many, if not most users don't have that much available period then that can be tough: for somebody stuck on a 6/1 ADSL link giving up even a few hundred kbps could be painful. Whereas with an abundance, many if not most users would never even notice having 500+ Mbps serving as relay capacity at all times. This would further improve the overall value of the network, encouraging further use, and creating a virtuous circle.
Doing more with less is certainly very important, but no one should lose sight of how much in computer science has come from just plain having more. Anonymity networks would be best if they weren't "anonymity networks" per se, but rather simply "the network", as in what most people could use to accomplish anything on the Internet they'd want to. Ubiquitous encryption has been aided by better coding, but the most significant boost has come from having an abundance of computing resources, to the point where the overhead of encryption simply is irrelevant to the vast majority of users vs the benefits to security. An abundance of (symmetrical) bandwidth could enable a similar leap forward in anonymity online. It's another reason why we should really be pushing hard for major last mile information infrastructure improvements, and it's so unfortunate that the USA in particular has grossly underinvested and allowed companies to set the agenda there (unlike with electricity, phones and roads, which received major national pushes to the ultimate benefit of the whole country).
> One of the hungrier applicatinos for example is streaming video, but once someone is stably hitting ~50-100 Mbps they're already at what a full quality Blu-ray would offer, even without H.265, and with H.265 even 4K is going to look pretty great.
When more bandwidth gets deployed someone will roll out more bandwidth-consuming video.
near and mid term: 4k, 3D, 10bit, 4:4:4, 60fps, lossless sound
And that's not opinion: that's a fact of life in tech that repeats endlessly. Induced demand, Jevons paradox, Parkinson's law... the principle shows up endlessly.
Now, what effect it would have on a 1Gbit anonymity network is anyone's guess. All the streaming and web apps on my network don't really impact its normal performance because they're much slower than it. So, this concern might not affect what the other commenter proposes in practice.
More raw bandwidth will certainly help such applications. Yet, the latency is more important. Remember that sites are using CDN's because even a few seconds of delay causes much of the modern Internet to just leave the site. Voice, video, stock trading, chat, online gaming... all latency sensitive.
Solving the latency problem without hurting security could be one phrasing of my original comment. Until it's solved, all the bandwidth in the world isn't going to make the anonymity schemes competitive. It will help A LOT to speed up tools such as Tor. But, it won't be competition for non-anonymous stuff until it's within their performance range.
Note: More symmetrical, fiber-to-the-home projects will certainly help. Projects like below will help us get there.
If those figures (93Gb/s) are right and represents a real-world scenario, and not a lab test, then it's really impressive.
The following quote from the article highlights the difference between HORNET and Tor:
"Unlike onion routing protocols that use global re-routing through overlay networks (e.g., Tor [23] and I2P [47]), HORNET uses short paths created by the underlying network architecture to reduce la- tency, and is therefore bound by the network’s physical intercon- nection and ISP relationships. This is an unavoidable constraint for onion routing protocols built into the network layer [29, 42]."
Latency vs. anonymity is usually a tradeoff: if you monitor the whole network, you can correlate flows between nodes, and this gets easier with lower latency. That's why Pond connections are randomly timed. They acknowledge this fact in section 5.2:
Flow-dynamics-based end-to-end correlation.
In general it is difficult even for high latency mix networks to resist such powerful adversaries. Low-latency anonymity systems are particularly prone to these types of attacks. HORNET cannot protect
against them, but as mentioned above, the use of packet obfuscation
makes these attacks more expensive and allows for potential additional measures to be taken (e.g., padding), either by upper layer protocols or by extensions of HORNET.
They would see that you were communicating (because by necessity, all your stuff passes through them) but not who to, because they couldn't strip off the next layer of the onion. Much like Tor.
Its interesting that TOR takes a circuit based approach and these guys use a packet based approach... its the same thing that happened in telecom over a decade ago. (its analogous, anyway)
One idea is that older (and still trustworthy) tokens become reliable and more valuable, encouraging parties to 1) keep their tokens for a long time and 2) behave themselves. As I recall, both operate with the concept of a token server. In the case of FAUST, tokens are requested unblinded (that is, from a non-Tor IP), but are anonymous and cannot be associated with the requestor after the fact.
If there's other or more recent work, I'd really like to hear about them.
I'm going to have to look at this closely. My first thought here is that it seems impossible to get high performance without leaking at least some form of sub-channel signaling about communications, but I don't yet understand the real "trick" behind HORNET.
Asynchronous, non-real-time schemes that look like vanilla web traffic are the best. Especially using covert channels. However, my method is to do face-to-face with possible and otherwise use burner PC's, LiveCD's, and random Wifi hotspots. Tor or proxies optionally as extra layer of difficulty depending on what I'm doing.