Re: Latency Costs of Anonymity
-----BEGIN PGP SIGNED MESSAGE----- From: Wei Dai <weidai@eskimo.com>
The points Tim makes here are quite good. However, I'm more concerned with a slightly longer time scale, when people focus less on FILES, but more on CONVERSATIONS and INTERACTIONS. It is then that latency becomes more problematic.
I think this is a good point. We have had some discussions about getting anonymity with web browsing. The "mix" or "remailer" concept doesn't work so well there as the connections are very short, so there is less chance of multiple communications going on at one time. OTOH I have heard discussions of asynchronous transfer mode, ATM, as a new packet-based network technology that could support high bandwidth communications. All messages, presumably even streams like video signals, get broken into fixed-size packets, which make their way through the network and are reassembled into a stream on the other end. The individual packets may not all take the same path through the network. (I am far from an expert on ATM so I welcome corrections to this description.) This technology does sound like mixing could work pretty well to provide anonymity. There is some price in bandwidth and latency but ATM is so fast that probably several steps of chaining and mixing would be possible. Naturally such mixes would have to be hardware based due to the rapid speeds of the packets. So this would be kind of a "souped up" version of our current email remailer network, with vastly greater bandwidths and switching speeds. Another possibility with connection-based communications would be Chaum's DC-Nets. These are networks where message source cannot be determined. They do face potentially severe costs in terms of bandwidth, though, depending on how much anonymity you get. As both mixes and dcnets have bandwidth costs, I wonder if it is provable that anonymity implies such costs.
Can anyone give me an estimate of when truly anonymous video conferencing will become possible? This is not just to help me make the point, but I'm really wondering.
Wei Dai
I think it may be more useful rather than speaking of "true" anonymity to think of factor-of-N anonymity. This reflects the bandwidth costs. I would guess that, if you have a packet-based video converencing system, that today you could probably get factor-of-2 anonymity with custom hardware, and perhaps even more than that. One other point I would make, based on Wei's original post, is that no doubt anonymity does exact some costs. However this does not mean that it is uncompetitive. It also may have, in some circumstances, advantages. People may be more frank and critical when they are shielded by anonymity. I've read articles about companies which introduce electornic "suggestion boxes" where people can post anonymously, and upper management is often shocked at the results. It is too early to judge how much of a net benefit or harm anonymity will be in general. Furthermore, it is likely that the net advantage will differ depending on the business or organization. At one extreme, a group working with illegal or restricted technology would probably benefit more from anonymity. I think it was Keith Henson who posted a story here a couple of years ago that he was working on, involving some kind of underground protest group which organized itself using crypto anonymity. So it is really not a question of whether anonymity is good or bad, but rather whether its costs outweigh its advantages in a particular situation. Hal Finney hfinney@shell.portal.com -----BEGIN PGP SIGNATURE----- Version: 2.6 iQBVAwUBLw8c9xnMLJtOy9MBAQFZBgH/R1c3FLHECJiEHDoUl/gUPaBIVzd3kvVz Uv2jqFwJxSFQjnrb1wtGT7vLjNOOXJ7uYpBNJU+ZfPSKOvPgGFD8yQ== =+6iw -----END PGP SIGNATURE-----
On Sat, 7 Jan 1995, Hal wrote:
This technology does sound like mixing could work pretty well to provide anonymity. There is some price in bandwidth and latency but ATM is so fast that probably several steps of chaining and mixing would be possible. Naturally such mixes would have to be hardware based due to the rapid speeds of the packets. So this would be kind of a "souped up" version of our current email remailer network, with vastly greater bandwidths and switching speeds.
The problem here is that you'll have to do a RSA operation on EACH packet. Pretty hard on the CPU...
I think it may be more useful rather than speaking of "true" anonymity to think of factor-of-N anonymity. This reflects the bandwidth costs. I would guess that, if you have a packet-based video converencing system, that today you could probably get factor-of-2 anonymity with custom hardware, and perhaps even more than that.
I'm not exactly sure what you mean by "factor-of-N". I only used "true" to distiguish it from "trivial" anonymity (such as using a pay phone). Of course, anonymity, like security, can only be relative.
One other point I would make, based on Wei's original post, is that no doubt anonymity does exact some costs. However this does not mean that it is uncompetitive. It also may have, in some circumstances, advantages. People may be more frank and critical when they are shielded by anonymity. I've read articles about companies which introduce electornic "suggestion boxes" where people can post anonymously, and upper management is often shocked at the results. It is too early to judge how much of a net benefit or harm anonymity will be in general.
Furthermore, it is likely that the net advantage will differ depending on the business or organization. At one extreme, a group working with illegal or restricted technology would probably benefit more from anonymity. I think it was Keith Henson who posted a story here a couple of years ago that he was working on, involving some kind of underground protest group which organized itself using crypto anonymity. So it is really not a question of whether anonymity is good or bad, but rather whether its costs outweigh its advantages in a particular situation.
This is all very true. I guess I'm just lamenting the loss of my ealier, more naive dream that one day everyone will be anonymous (read pseudonymous), and that physical and digital identities will be totally seperate. Wei Dai Who should really start signing his posts but left his key in another computer.
participants (2)
-
Hal -
Wei Dai