Deploying Low-Latency Anonymity: Design Challenges and Social Factors

@article{Dingledine2007DeployingLA,
  title={Deploying Low-Latency Anonymity: Design Challenges and Social Factors},
  author={Roger Dingledine and Nick Mathewson and Paul F. Syverson},
  journal={IEEE Security \& Privacy},
  year={2007},
  volume={5}
}
Anonymous communication systems hide conversations against unwanted observations. Deploying an anonymous communications infrastructure presents surprises unlike those found in other types of systems. To address these and related issues, we designed Tor (the onion routing), a widely used low-latency, general-purpose anonymous communication infrastructure a overlay network for anonymizing TCP streams over the real-world Internet. Distribution of trust is central to the Tor philosophy and pervades… 
Systems for Anonymous Communication
We present an overview of the eld of anonymous communications, from its establishment in 1981 by David Chaum to today. Key systems are presented categorized according to their underlying principles:
Trust-based anonymous communication: adversary models and routing algorithms
TLDR
A novel model of routing security that incorporates the ordinarily overlooked variations in trust that users have for different parts of the network is introduced, and it is found that the trust-based routing strategy can protect anonymity against an adversary capable of attacking a significant fraction of thenetwork.
Tor De-anonymisation Techniques
TLDR
This paper presents a hands-on demonstration of anonymity exposures that leverage traffic correlation attacks, electronic fingerprinting, operational security failures, and remote code execution.
On anonymity in an electronic society: A survey of anonymous communication systems
TLDR
The previous research done to design, develop, and deploy systems for enabling private and anonymous communication on the Internet are surveyed, including mixes and mix networks, onion routing, and Dining Cryptographers networks are surveyed.
Anonymity Mixes as (Partial) Assembly Queues: Modeling and Analysis
TLDR
This work introduces a queueing model for batch mix and studies its delay properties, and proposes a randomized batch mixing strategy that achieves much better delay scaling in terms of the batch size and reduces the anonymity preserving capabilities of the mix.
Nymbler: Privacy-enhanced Protection from Abuses of Anonymity
TLDR
Nymbler is presented, which improves on existing Nymble-like systems by reducing the level of trust placed in third parties, while simultaneously providing stronger privacy guarantees and some new functionality.
Mixes as ( Partial ) Assembly Queues : Modeling and Analysis
TLDR
This work introduces a queueing model for batch mix and studies its delay properties, and proposes a randomized batch mixing strategy that achieves much better delay scaling in terms of the batch size and reduces the anonymity preserving capabilities of the mix.
Establishing Trust Through Anonymous and Private Information Exchange Over Personal Networks
TLDR
A novel model based on the separation of user ID information from personal preferences and user status information is proposed, able to ensure privacy through anonymity over personal data exchange, while it incorporates mechanisms for the detection and confronting of malicious behavior, and resilience against attacks.
A Systems Approach Toward Addressing Anonymous Abuses: Technical and Policy Considerations
TLDR
This work evaluates approaches for balancing the need for anonymity with the desire to mitigate anonymous abuses in order to prevent the abuses of anonymous communication networks.
...
1
2
3
4
5
...

References

SHOWING 1-10 OF 22 REFERENCES
Web MIXes: A System for Anonymous and Unobservable Internet Access
TLDR
A MIX-based system for anonymous and unobservable real-time Internet access that prevents traffic analysis as well as flooding attacks and provides an interface to inform anonymous users about their level of anonymity and unob observability.
Tor: The Second-Generation Onion Router
TLDR
This second-generation Onion Routing system addresses limitations in the original design by adding perfect forward secrecy, congestion control, directory servers, integrity checking, configurable exit policies, and a practical design for location-hidden services via rendezvous points.
Locating hidden servers
TLDR
This work presents fast and cheap attacks that reveal the location of a hidden server, the first actual intersection attacks on any deployed public network: thus confirming general expectations from prior theory and simulation.
On the Economics of Anonymity
TLDR
Some reasons why anonymity systems are particularly hard to deploy are explored, the incentives to participate either as senders or also as nodes are enumerated, and a general model is built to describe the effects of these incentives.
Traffic Analysis Attacks and Trade-Offs in Anonymity Providing Systems
TLDR
In light of these observations, the trade-offs that one faces when trying to construct an efficient low latency communication system that protects users anonymity are discussed.
Passive Attack Analysis for Connection-Based Anonymity Systems
TLDR
This paper considers low latency connection-based anonymity systems which can be used for applications like web browsing or SSH, and designs and builds several such systems.
Nymble: Anonymous IP-Address Blocking
TLDR
A system in which honest users remain anonymous and their requests unlinkable; a server can complain about a particular anonymous user and gain the ability to blacklist the user for future connections; this blacklisted user's accesses before the complaint remain anonymous; and the system is agnostic to different servers' definitions of misbehavior.
The Traffic Analysis of Continuous-Time Mixes
  • G. Danezis
  • Computer Science
    Privacy Enhancing Technologies
  • 2004
TLDR
The information-theoretic anonymity metrics are applied to continuous-time mixes, that individually delay messages instead of batching them, and as an example the exponential mix is analysed, simulated and shown to use the optimal strategy.
Crowds: anonymity for Web transactions
TLDR
The design, implementation, security, performance, and scalability of the Crowds system for protecting users' anonymity on the world-wide-web are described and degrees of anonymity as an important tool for describing and proving anonymity properties are introduced.
Tarzan: a peer-to-peer anonymizing network layer
TLDR
Measurements show that Tarzan imposes minimal overhead over a corresponding non-anonymous overlay route, and Protocols toward unbiased peer-selection offer new directions for distributing trust among untrusted entities.
...
1
2
3
...