-----BEGIN PGP SIGNED MESSAGE----- At 04:23 PM 6/25/97 -0400, tzeruch@ceddec.com wrote:
On Fri, 20 Jun 1997, Jeremey Barrett wrote:
The question is what's the threat model. If the goal is to prevent the server from identifying the client given limited resources, then www.anonymizer.com or similar is sufficient. However, the real problem is preventing an entity with unlimited resources and control over most of the nodes in the anonymous network from conducting successful traffic analysis. This is an entirely different and very difficult problem.
Having got the latest Applied Cryptography, it looks like it would be possible to set up a series of servers on the "Dining Cryptographers at a Disco" model. It would require a constant flow, probably something like token ring, so couldn't be used for high bandwidth applications, but it completely nukes traffic analysis.
You'll have a secure black box then. Everything in the black box is secure, but the real information comes from watching what goes in one side and out the other. Unless there is an astronomical amount of traffic, it will be fairly obvious who's doing what. After all, knowing who did what is the goal of traffic analysis, usually not what route they took in between. The trick is to design a system where an eavesdropper can't correlate a connection into the anonymous network to one coming out. Such a system will almost certainly involve some sort of "personal proxy" running on your own machine. It might maintain a constant bandwidth to the anonymous network, but that's sub-optimal since most people like their bandwidth for other things. Jeremey. -----BEGIN PGP SIGNATURE----- Version: PGP for Personal Privacy 5.0 Charset: noconv iQCVAwUBM7GdTS/fy+vkqMxNAQF1KgP9HUeipjxUkMd6WcdIu7erw4dXmHQlB2VO RELgmItWCCZm1XdHanh197VKe714RUYN0FNEIu09hdgLK80yI8qDxIXBykcglFIc O7V+HbfPa3HOAR1HftTQm6evXeY/JEWUSt/7ymGXVKHp06SWRsExcbGwDt0DhsAw apmEl0PNV8c= =JfEd -----END PGP SIGNATURE----- -- Jeremey Barrett BlueMoney Software Corp. Crypto, Ecash, Commerce Systems http://www.bluemoney.com/ PGP key fingerprint = 3B 42 1E D4 4B 17 0D 80 DC 59 6F 59 04 C3 83 64