Anonymous browsing (was Re: Getting Back to our Radical Roots)

Jeremey Barrett jeremey at bluemoney.com
Wed Jun 25 15:43:34 PDT 1997



-----BEGIN PGP SIGNED MESSAGE-----

At 04:23 PM 6/25/97 -0400, tzeruch at ceddec.com wrote:
>On Fri, 20 Jun 1997, Jeremey Barrett wrote:
>
>> The question is what's the threat model. If the goal is to prevent the
>> server from identifying the client given limited resources, then
>> www.anonymizer.com or similar is sufficient. However, the real problem
>> is preventing an entity with unlimited resources and control over most
>> of the nodes in the anonymous network from conducting successful traffic
>> analysis. This is an entirely different and very difficult problem.
>
>Having got the latest Applied Cryptography, it looks like it would be
>possible to set up a series of servers on the "Dining Cryptographers at a
>Disco" model.  It would require a constant flow, probably something like
>token ring, so couldn't be used for high bandwidth applications, but it
>completely nukes traffic analysis.

You'll have a secure black box then. Everything in the black box
is secure, but the real information comes from watching what goes
in one side and out the other. Unless there is an astronomical amount 
of traffic, it will be fairly obvious who's doing what.

After all, knowing who did what is the goal of traffic analysis, usually 
not what route they took in between.

The trick is to design a system where an eavesdropper can't correlate
a connection into the anonymous network to one coming out. Such a system will 

almost certainly involve some sort of "personal proxy" running on your own 
machine. It might maintain a constant bandwidth to the anonymous network, but 

that's sub-optimal since most people like their bandwidth for other things.

Jeremey.

-----BEGIN PGP SIGNATURE-----
Version: PGP for Personal Privacy 5.0
Charset: noconv

iQCVAwUBM7GdTS/fy+vkqMxNAQF1KgP9HUeipjxUkMd6WcdIu7erw4dXmHQlB2VO
RELgmItWCCZm1XdHanh197VKe714RUYN0FNEIu09hdgLK80yI8qDxIXBykcglFIc
O7V+HbfPa3HOAR1HftTQm6evXeY/JEWUSt/7ymGXVKHp06SWRsExcbGwDt0DhsAw
apmEl0PNV8c=
=JfEd
-----END PGP SIGNATURE-----

--
Jeremey Barrett                                BlueMoney Software Corp.
Crypto, Ecash, Commerce Systems               http://www.bluemoney.com/
PGP key fingerprint =  3B 42 1E D4 4B 17 0D 80  DC 59 6F 59 04 C3 83 64







More information about the cypherpunks-legacy mailing list