From 4174bf9cbdaaab1b86dc7c051ebf11f53412272f Mon Sep 17 00:00:00 2001 From: Roger Dingledine Date: Thu, 3 Feb 2005 21:28:03 +0000 Subject: [PATCH] resolve references svn:r3521 --- doc/design-paper/challenges.tex | 32 ++-- doc/design-paper/tor-design.bib | 302 ++++++++++++++++---------------- 2 files changed, 170 insertions(+), 164 deletions(-) diff --git a/doc/design-paper/challenges.tex b/doc/design-paper/challenges.tex index d51b6c2027..bb1d0ffae4 100644 --- a/doc/design-paper/challenges.tex +++ b/doc/design-paper/challenges.tex @@ -26,7 +26,7 @@ \begin{abstract} We describe our experiences with deploying Tor, a low-latency anonymous -communication system that has been funded both by the U.S.~government +communication system that has been funded both by the U.S.~Navy and also by the Electronic Frontier Foundation. Because of its simplified threat model, Tor does not aim to defend @@ -73,7 +73,7 @@ who don't want to reveal information to their competitors, and law enforcement and government intelligence agencies who need to do operations on the Internet without being noticed. -Tor research and development has been funded by the U.S. Navy, for use +Tor research and development has been funded by the U.S.~Navy, for use in securing government communications, and also by the Electronic Frontier Foundation, for use in maintaining civil liberties for ordinary citizens online. The Tor @@ -215,7 +215,7 @@ to join the network. Tor is not the only anonymity system that aims to be practical and useful. Commercial single-hop proxies~\cite{anonymizer}, as well as unsecured -open proxies around the Internet~\cite{open-proxies}, can provide good +open proxies around the Internet, can provide good performance and some security against a weaker attacker. Dresden's Java Anon Proxy~\cite{web-mix} provides similar functionality to Tor but only handles web browsing rather than arbitrary TCP\@. Also, JAP's network @@ -250,12 +250,12 @@ seems overkill (and/or insecure) based on the threat model we've picked. Tor does not attempt to defend against a global observer. Any adversary who can see a user's connection to the Tor network, and who can see the -corresponding connection as it exits the Tor network, can use the timing -correlation between the two connections to confirm the user's chosen +corresponding connection as it exits the Tor network, can use timing +correlation to confirm the user's chosen communication partners. Defeating this attack would seem to require introducing a prohibitive degree of traffic padding between the user and the network, or introducing an unacceptable degree of latency (but see -Section \ref{subsec:mid-latency}). +Section \ref{subsec:mid-latency}). And, it is not clear that padding works at all if we assume a minimally active adversary that merely modifies the timing of packets to or from the user. Thus, Tor only attempts to defend against @@ -380,9 +380,9 @@ Mixminion, where the threat model is based on mixing messages with each other, there's an arms race between end-to-end statistical attacks and counter-strategies~\cite{statistical-disclosure,minion-design,e2e-traffic,trickle02}. But for low-latency systems like Tor, end-to-end \emph{traffic -confirmation} attacks~\cite{danezis-pet2004,SS03,defensive-dropping} +correlation} attacks~\cite{danezis-pet2004,SS03,defensive-dropping} allow an attacker who watches or controls both ends of a communication -to use statistics to correlate packet timing and volume, quickly linking +to use statistics to match packet timing and volume, quickly linking the initiator to her destination. This is why Tor's threat model is based on preventing the adversary from observing both the initiator and the responder. @@ -742,7 +742,7 @@ transport a greater variety of protocols. Though Tor has always been designed to be practical and usable first with as much anonymity as can be built in subject to those goals, we have contemplated that users might need resistance to at least simple -traffic confirmation attacks. Higher-latency mix-networks resist these +traffic correlation attacks. Higher-latency mix-networks resist these attacks by introducing variability into message arrival times in order to suppress timing correlation. Thus, it seems worthwhile to consider the whether we can improving Tor's anonymity by introducing batching and delaying @@ -796,7 +796,7 @@ Section~\ref{subsec:tcp-vs-ip}). Instead, batch timing would be obscured by synchronizing batches at the link level, and there would be no direct attempt to synchronize all batches entering the Tor network at the same time. -%Alternatively, if end-to-end traffic confirmation is the +%Alternatively, if end-to-end traffic correlation is the %concern, there is little point in mixing. % Why not?? -NM It might also be feasible to @@ -811,11 +811,11 @@ mid-latency option; however, we should continue the caution with which we have always approached padding lest the overhead cost us too much performance or too many volunteers. -The distinction between traffic confirmation and traffic analysis is +The distinction between traffic correlation and traffic analysis is not as cut and dried as we might wish. In \cite{hintz-pet02} it was shown that if data volumes of various popular responder destinations are catalogued, it may not be necessary to -observe both ends of a stream to confirm a source-destination link. +observe both ends of a stream to learn a source-destination link. This should be fairly effective without simultaneously observing both ends of the connection. However, it is still essentially confirming suspected communicants where the responder suspects are ``stored'' rather @@ -1012,7 +1012,7 @@ leak the fact that Alice {\it sometimes} talks to Bob as it is to leak the times when Alice is {\it actually} talking to Bob.) -One solution to this problem is to use ``helper nodes''~\cite{helpers}---to +One solution to this problem is to use ``helper nodes''~\cite{wright02,wright03}---to have each client choose a few fixed servers for critical positions in her circuits. That is, Alice might choose some server H1 as her preferred entry, so that unless the attacker happens to control or observe her @@ -1345,8 +1345,8 @@ their country. These users try to find any tools available to allow them to get-around these firewalls. Some anonymity networks, such as Six-Four~\cite{six-four}, are designed specifically with this goal in mind; others like the Anonymizer~\cite{anonymizer} are paid by sponsors -such as Voice of America to set up a network to encourage `Internet -freedom'~\cite{voice-of-america-anonymizer}. Even though Tor wasn't +such as Voice of America to set up a network to encourage Internet +freedom. Even though Tor wasn't designed with ubiquitous access to the network in mind, thousands of users across the world are trying to use it for exactly this purpose. % Academic and NGO organizations, peacefire, \cite{berkman}, etc @@ -1427,7 +1427,7 @@ servers, by reducing the interconnectivity of the nodes; later we can reduce overhead associated withy directories, discovery, and so on. By reducing the connectivity of the network we increase the total number of -nodes that the network can contain. Danezis~\cite{danezis-pet03} considers +nodes that the network can contain. Danezis~\cite{danezis-pets03} considers the anonymity implications of restricting routes on mix networks, and recommends an approach based on expander graphs (where any subgraph is likely to have many neighbors). It is not immediately clear that this approach will diff --git a/doc/design-paper/tor-design.bib b/doc/design-paper/tor-design.bib index 66dec41b7f..6b072911c3 100644 --- a/doc/design-paper/tor-design.bib +++ b/doc/design-paper/tor-design.bib @@ -18,44 +18,44 @@ } @inproceedings{kesdogan:pet2002, title = {Unobservable Surfing on the World Wide Web: Is Private Information Retrieval an - alternative to the MIX based Approach?}, - author = {Dogan Kesdogan and Mark Borning and Michael Schmeink}, + alternative to the MIX based Approach?}, + author = {Dogan Kesdogan and Mark Borning and Michael Schmeink}, booktitle = {Privacy Enhancing Technologies (PET 2002)}, - year = {2002}, - month = {April}, - editor = {Roger Dingledine and Paul Syverson}, - publisher = {Springer-Verlag, LNCS 2482}, + year = {2002}, + month = {April}, + editor = {Roger Dingledine and Paul Syverson}, + publisher = {Springer-Verlag, LNCS 2482}, } @inproceedings{statistical-disclosure, - title = {Statistical Disclosure Attacks}, - author = {George Danezis}, - booktitle = {Security and Privacy in the Age of Uncertainty ({SEC2003})}, - organization = {{IFIP TC11}}, - year = {2003}, - month = {May}, - address = {Athens}, - pages = {421--426}, - publisher = {Kluwer}, + title = {Statistical Disclosure Attacks}, + author = {George Danezis}, + booktitle = {Security and Privacy in the Age of Uncertainty ({SEC2003})}, + organization = {{IFIP TC11}}, + year = {2003}, + month = {May}, + address = {Athens}, + pages = {421--426}, + publisher = {Kluwer}, } @inproceedings{limits-open, - title = {Limits of Anonymity in Open Environments}, - author = {Dogan Kesdogan and Dakshi Agrawal and Stefan Penz}, - booktitle = {Information Hiding Workshop (IH 2002)}, - year = {2002}, - month = {October}, - editor = {Fabien Petitcolas}, - publisher = {Springer-Verlag, LNCS 2578}, + title = {Limits of Anonymity in Open Environments}, + author = {Dogan Kesdogan and Dakshi Agrawal and Stefan Penz}, + booktitle = {Information Hiding Workshop (IH 2002)}, + year = {2002}, + month = {October}, + editor = {Fabien Petitcolas}, + publisher = {Springer-Verlag, LNCS 2578}, } @inproceedings{isdn-mixes, - title = {{ISDN-mixes: Untraceable communication with very small bandwidth overhead}}, - author = {Andreas Pfitzmann and Birgit Pfitzmann and Michael Waidner}, - booktitle = {GI/ITG Conference on Communication in Distributed Systems}, - year = {1991}, - month = {February}, - pages = {451-463}, + title = {{ISDN-mixes: Untraceable communication with very small bandwidth overhead}}, + author = {Andreas Pfitzmann and Birgit Pfitzmann and Michael Waidner}, + booktitle = {GI/ITG Conference on Communication in Distributed Systems}, + year = {1991}, + month = {February}, + pages = {451-463}, } @@ -72,21 +72,21 @@ } @inproceedings{tarzan:ccs02, - title = {Tarzan: A Peer-to-Peer Anonymizing Network Layer}, - author = {Michael J. Freedman and Robert Morris}, + title = {Tarzan: A Peer-to-Peer Anonymizing Network Layer}, + author = {Michael J. Freedman and Robert Morris}, booktitle = {9th {ACM} {C}onference on {C}omputer and {C}ommunications - {S}ecurity ({CCS 2002})}, - year = {2002}, - month = {November}, - address = {Washington, DC}, + {S}ecurity ({CCS 2002})}, + year = {2002}, + month = {November}, + address = {Washington, DC}, } @inproceedings{cebolla, - title = {{Cebolla: Pragmatic IP Anonymity}}, - author = {Zach Brown}, - booktitle = {Ottawa Linux Symposium}, - year = {2002}, - month = {June}, + title = {{Cebolla: Pragmatic IP Anonymity}}, + author = {Zach Brown}, + booktitle = {Ottawa Linux Symposium}, + year = {2002}, + month = {June}, } @inproceedings{eax, @@ -117,24 +117,24 @@ } @inproceedings{anonnet, - title = {{Analysis of an Anonymity Network for Web Browsing}}, + title = {{Analysis of an Anonymity Network for Web Browsing}}, author = {Marc Rennhard and Sandro Rafaeli and Laurent Mathy and Bernhard Plattner and - David Hutchison}, + David Hutchison}, booktitle = {{IEEE 7th Intl. Workshop on Enterprise Security (WET ICE - 2002)}}, - year = {2002}, - month = {June}, - address = {Pittsburgh, USA}, + 2002)}}, + year = {2002}, + month = {June}, + address = {Pittsburgh, USA}, } -% pages = {49--54}, +% pages = {49--54}, @inproceedings{econymics, - title = {On the Economics of Anonymity}, - author = {Alessandro Acquisti and Roger Dingledine and Paul Syverson}, - booktitle = {Financial Cryptography}, - year = {2003}, - editor = {Rebecca N. Wright}, - publisher = {Springer-Verlag, LNCS 2742}, + title = {On the Economics of Anonymity}, + author = {Alessandro Acquisti and Roger Dingledine and Paul Syverson}, + booktitle = {Financial Cryptography}, + year = {2003}, + editor = {Rebecca N. Wright}, + publisher = {Springer-Verlag, LNCS 2742}, } @inproceedings{defensive-dropping, @@ -156,24 +156,24 @@ } @inproceedings{eternity, - title = {The Eternity Service}, - author = {Ross Anderson}, - booktitle = {Pragocrypt '96}, - year = {1996}, + title = {The Eternity Service}, + author = {Ross Anderson}, + booktitle = {Pragocrypt '96}, + year = {1996}, } - %note = {\url{http://www.cl.cam.ac.uk/users/rja14/eternity/eternity.html}}, + %note = {\url{http://www.cl.cam.ac.uk/users/rja14/eternity/eternity.html}}, @inproceedings{minion-design, - title = {Mixminion: Design of a Type {III} Anonymous Remailer Protocol}, - author = {George Danezis and Roger Dingledine and Nick Mathewson}, - booktitle = {2003 IEEE Symposium on Security and Privacy}, - year = {2003}, + title = {Mixminion: Design of a Type {III} Anonymous Remailer Protocol}, + author = {George Danezis and Roger Dingledine and Nick Mathewson}, + booktitle = {2003 IEEE Symposium on Security and Privacy}, + year = {2003}, month = {May}, publisher = {IEEE CS}, - pages = {2--15}, + pages = {2--15}, } - %note = {\url{http://mixminion.net/minion-design.pdf}}, + %note = {\url{http://mixminion.net/minion-design.pdf}}, @inproceedings{ rao-pseudonymity, author = "Josyula R. Rao and Pankaj Rohatgi", @@ -245,9 +245,9 @@ @InProceedings{raymond00, author = {J. F. Raymond}, title = {{Traffic Analysis: Protocols, Attacks, Design Issues, - and Open Problems}}, + and Open Problems}}, booktitle = {Designing Privacy Enhancing Technologies: Workshop - on Design Issue in Anonymity and Unobservability}, + on Design Issue in Anonymity and Unobservability}, year = 2000, month = {July}, pages = {10-29}, @@ -310,7 +310,7 @@ author = {Paul Syverson and Michael Reed and David Goldschlag}, title = {{O}nion {R}outing Access Configurations}, booktitle = {DARPA Information Survivability Conference and - Exposition (DISCEX 2000)}, + Exposition (DISCEX 2000)}, year = {2000}, publisher = {IEEE CS Press}, pages = {34--40}, @@ -321,7 +321,7 @@ @Inproceedings{or-pet00, title = {{Towards an Analysis of Onion Routing Security}}, author = {Paul Syverson and Gene Tsudik and Michael Reed and - Carl Landwehr}, + Carl Landwehr}, booktitle = {Designing Privacy Enhancing Technologies: Workshop on Design Issue in Anonymity and Unobservability}, year = 2000, @@ -334,9 +334,9 @@ @Inproceedings{freenet-pets00, title = {Freenet: A Distributed Anonymous Information Storage - and Retrieval System}, + and Retrieval System}, author = {Ian Clarke and Oskar Sandberg and Brandon Wiley and - Theodore W. Hong}, + Theodore W. Hong}, booktitle = {Designing Privacy Enhancing Technologies: Workshop on Design Issue in Anonymity and Unobservability}, year = 2000, @@ -349,7 +349,7 @@ @InProceedings{or-ih96, author = {David M. Goldschlag and Michael G. Reed and Paul - F. Syverson}, + F. Syverson}, title = {Hiding Routing Information}, booktitle = {Information Hiding, First International Workshop}, pages = {137--150}, @@ -362,7 +362,7 @@ @InProceedings{federrath-ih96, author = {Hannes Federrath and Anja Jerichow and Andreas Pfitzmann}, title = {{MIXes} in Mobile Communication Systems: Location - Management with Privacy}, + Management with Privacy}, booktitle = {Information Hiding, First International Workshop}, pages = {121--135}, year = 1996, @@ -374,7 +374,7 @@ @InProceedings{reed-protocols97, author = {Michael G. Reed and Paul F. Syverson and David - M. Goldschlag}, + M. Goldschlag}, title = {Protocols Using Anonymous Connections: Mobile Applications}, booktitle = {Security Protocols: 5th International Workshop}, pages = {13--23}, @@ -389,7 +389,7 @@ @Article{or-jsac98, author = {Michael G. Reed and Paul F. Syverson and David - M. Goldschlag}, + M. Goldschlag}, title = {Anonymous Connections and Onion Routing}, journal = {IEEE Journal on Selected Areas in Communications}, year = 1998, @@ -428,13 +428,13 @@ } @misc{pipenet, - title = {PipeNet 1.1}, - author = {Wei Dai}, - year = 1996, - month = {August}, - howpublished = {Usenet post}, + title = {PipeNet 1.1}, + author = {Wei Dai}, + year = 1996, + month = {August}, + howpublished = {Usenet post}, note = {\url{http://www.eskimo.com/~weidai/pipenet.txt} First mentioned - in a post to the cypherpunks list, Feb.\ 1995.}, + in a post to the cypherpunks list, Feb.\ 1995.}, } @@ -485,7 +485,7 @@ @InProceedings{web-mix, author = {Oliver Berthold and Hannes Federrath and Stefan K\"opsell}, title = {Web {MIX}es: A system for anonymous and unobservable - {I}nternet access}, + {I}nternet access}, booktitle = {Designing Privacy Enhancing Technologies: Workshop on Design Issue in Anonymity and Unobservability}, editor = {H. Federrath}, @@ -497,7 +497,7 @@ @InProceedings{disad-free-routes, author = {Oliver Berthold and Andreas Pfitzmann and Ronny Standtke}, title = {The disadvantages of free {MIX} routes and how to overcome - them}, + them}, booktitle = {Designing Privacy Enhancing Technologies: Workshop on Design Issue in Anonymity and Unobservability}, pages = {30--45}, @@ -576,7 +576,7 @@ @Misc{mixmaster-spec, author = {Ulf M{\"o}ller and Lance Cottrell and Peter - Palfrader and Len Sassaman}, + Palfrader and Len Sassaman}, title = {Mixmaster {P}rotocol --- {V}ersion 2}, year = {2003}, month = {July}, @@ -613,7 +613,7 @@ @InProceedings{oreilly-acc, author = {Roger Dingledine and Michael J. Freedman and David Molnar}, title = {Accountability}, - booktitle = {Peer-to-peer: Harnessing the Benefits of a Disruptive + booktitle = {Peer-to-peer: Harnessing the Benefits of a Disruptive Technology}, year = {2001}, publisher = {O'Reilly and Associates}, @@ -694,7 +694,7 @@ @InProceedings{kesdogan, author = {D. Kesdogan and M. Egner and T. B\"uschkes}, - title = {Stop-and-Go {MIX}es Providing Probabilistic Anonymity in an Open + title = {Stop-and-Go {MIX}es Providing Probabilistic Anonymity in an Open System}, booktitle = {Information Hiding (IH 1998)}, year = {1998}, @@ -706,7 +706,7 @@ author = {David Koblas and Michelle R. Koblas}, title = {{SOCKS}}, booktitle = {UNIX Security III Symposium (1992 USENIX Security - Symposium)}, + Symposium)}, pages = {77--83}, year = 1992, publisher = {USENIX}, @@ -740,15 +740,15 @@ note = {\newline \url{http://www-cse.ucsd.edu/users/mihir/papers/oaep.html}}, } @inproceedings{babel, - title = {Mixing {E}-mail With {B}abel}, - author = {Ceki G\"ulc\"u and Gene Tsudik}, - booktitle = {{Network and Distributed Security Symposium (NDSS 96)}}, - year = 1996, - month = {February}, - pages = {2--16}, - publisher = {IEEE}, + title = {Mixing {E}-mail With {B}abel}, + author = {Ceki G\"ulc\"u and Gene Tsudik}, + booktitle = {{Network and Distributed Security Symposium (NDSS 96)}}, + year = 1996, + month = {February}, + pages = {2--16}, + publisher = {IEEE}, } - %note = {\url{http://citeseer.nj.nec.com/2254.html}}, + %note = {\url{http://citeseer.nj.nec.com/2254.html}}, @Misc{rprocess, author = {RProcess}, @@ -779,7 +779,7 @@ %note = {\url{http://www.eskimo.com/~weidai/mix-net.txt}}, @InProceedings{nym-alias-net, - author = {David Mazi\`{e}res and M. Frans Kaashoek}, + author = {David Mazi\`{e}res and M. Frans Kaashoek}, title = {{The Design, Implementation and Operation of an Email Pseudonym Server}}, booktitle = {$5^{th}$ ACM Conference on Computer and @@ -792,7 +792,7 @@ @InProceedings{tangler, author = {Marc Waldman and David Mazi\`{e}res}, title = {Tangler: A Censorship-Resistant Publishing System - Based on Document Entanglements}, + Based on Document Entanglements}, booktitle = {$8^{th}$ ACM Conference on Computer and Communications Security (CCS-8)}, pages = {86--135}, @@ -803,14 +803,14 @@ @misc{neochaum, author = {Tim May}, - title = {Payment mixes for anonymity}, + title = {Payment mixes for anonymity}, howpublished = {E-mail archived at \url{http://\newline www.inet-one.com/cypherpunks/dir.2000.02.28-2000.03.05/msg00334.html}}, } -@misc{helsingius, +@misc{helsingius, author = {J. Helsingius}, - title = {{\tt anon.penet.fi} press release}, + title = {{\tt anon.penet.fi} press release}, note = {\newline \url{http://www.penet.fi/press-english.html}}, } @@ -871,13 +871,13 @@ } @Misc{advogato, - author = {Raph Levien}, + author = {Raph Levien}, title = {Advogato's Trust Metric}, note = {\newline \url{http://www.advogato.org/trust-metric.html}}, } @InProceedings{publius, - author = {Marc Waldman and Aviel Rubin and Lorrie Cranor}, + author = {Marc Waldman and Aviel Rubin and Lorrie Cranor}, title = {Publius: {A} robust, tamper-evident, censorship-resistant and source-anonymous web publishing system}, booktitle = {Proc. 9th USENIX Security Symposium}, @@ -897,22 +897,22 @@ } @techreport{freedom2-arch, - title = {Freedom Systems 2.0 Architecture}, - author = {Philippe Boucher and Adam Shostack and Ian Goldberg}, - institution = {Zero Knowledge Systems, {Inc.}}, - year = {2000}, - month = {December}, - type = {White Paper}, - day = {18}, + title = {Freedom Systems 2.0 Architecture}, + author = {Philippe Boucher and Adam Shostack and Ian Goldberg}, + institution = {Zero Knowledge Systems, {Inc.}}, + year = {2000}, + month = {December}, + type = {White Paper}, + day = {18}, } @techreport{freedom21-security, - title = {Freedom Systems 2.1 Security Issues and Analysis}, - author = {Adam Back and Ian Goldberg and Adam Shostack}, - institution = {Zero Knowledge Systems, {Inc.}}, - year = {2001}, - month = {May}, - type = {White Paper}, + title = {Freedom Systems 2.1 Security Issues and Analysis}, + author = {Adam Back and Ian Goldberg and Adam Shostack}, + institution = {Zero Knowledge Systems, {Inc.}}, + year = {2001}, + month = {May}, + type = {White Paper}, } @inproceedings{cfs:sosp01, @@ -925,12 +925,12 @@ } @inproceedings{SS03, - title = {Passive Attack Analysis for Connection-Based Anonymity Systems}, - author = {Andrei Serjantov and Peter Sewell}, - booktitle = {Computer Security -- ESORICS 2003}, + title = {Passive Attack Analysis for Connection-Based Anonymity Systems}, + author = {Andrei Serjantov and Peter Sewell}, + booktitle = {Computer Security -- ESORICS 2003}, publisher = {Springer-Verlag, LNCS 2808}, - year = {2003}, - month = {October}, + year = {2003}, + month = {October}, } %note = {\url{http://www.cl.cam.ac.uk/users/aas23/papers_aas/conn_sys.ps}}, @@ -945,7 +945,7 @@ } -@InProceedings{mix-acc, +@InProceedings{mix-acc, author = {Roger Dingledine and Michael J. Freedman and David Hopwood and David Molnar}, title = {{A Reputation System to Increase MIX-net @@ -980,7 +980,7 @@ @Misc{realtime-mix, author = {Anja Jerichow and Jan M\"uller and Andreas Pfitzmann and - Birgit Pfitzmann and Michael Waidner}, + Birgit Pfitzmann and Michael Waidner}, title = {{Real-Time MIXes: A Bandwidth-Efficient Anonymity Protocol}}, howpublished = {IEEE Journal on Selected Areas in Communications, 1998.}, note = {\url{http://www.zurich.ibm.com/security/publications/1998.html}}, @@ -1034,11 +1034,11 @@ } @phdthesis{ian-thesis, - title = {A Pseudonymous Communications Infrastructure for the Internet}, - author = {Ian Goldberg}, - school = {UC Berkeley}, - year = {2000}, - month = {Dec}, + title = {A Pseudonymous Communications Infrastructure for the Internet}, + author = {Ian Goldberg}, + school = {UC Berkeley}, + year = {2000}, + month = {Dec}, } @Article{taz, @@ -1061,22 +1061,22 @@ } @inproceedings{wright02, - title = {An Analysis of the Degradation of Anonymous Protocols}, - author = {Matthew Wright and Micah Adler and Brian Neil Levine and Clay Shields}, - booktitle = {{Network and Distributed Security Symposium (NDSS 02)}}, - year = {2002}, - month = {February}, - publisher = {IEEE}, + title = {An Analysis of the Degradation of Anonymous Protocols}, + author = {Matthew Wright and Micah Adler and Brian Neil Levine and Clay Shields}, + booktitle = {{Network and Distributed Security Symposium (NDSS 02)}}, + year = {2002}, + month = {February}, + publisher = {IEEE}, } @inproceedings{wright03, - title = {Defending Anonymous Communication Against Passive Logging Attacks}, - author = {Matthew Wright and Micah Adler and Brian Neil Levine and Clay Shields}, - booktitle = {IEEE Symposium on Security and Privacy}, + title = {Defending Anonymous Communication Against Passive Logging Attacks}, + author = {Matthew Wright and Micah Adler and Brian Neil Levine and Clay Shields}, + booktitle = {IEEE Symposium on Security and Privacy}, pages= {28--41}, - year = {2003}, - month = {May}, - publisher = {IEEE CS}, + year = {2003}, + month = {May}, + publisher = {IEEE CS}, } @@ -1099,15 +1099,15 @@ } @article{shsm03, - title = {Using Caching for Browsing Anonymity}, - author = {Anna Shubina and Sean Smith}, - journal = {ACM SIGEcom Exchanges}, - volume = {4}, - number = {2}, - year = {2003}, - month = {Sept}, - www_pdf_url = {http://www.acm.org/sigs/sigecom/exchanges/volume_4_(03)/4.2-Shubina.pdf}, - www_section = {Anonymous communication}, + title = {Using Caching for Browsing Anonymity}, + author = {Anna Shubina and Sean Smith}, + journal = {ACM SIGEcom Exchanges}, + volume = {4}, + number = {2}, + year = {2003}, + month = {Sept}, + www_pdf_url = {http://www.acm.org/sigs/sigecom/exchanges/volume_4_(03)/4.2-Shubina.pdf}, + www_section = {Anonymous communication}, } @inproceedings{tor-design, @@ -1199,7 +1199,13 @@ publisher = {O'Reilly Media}, } -%%% Local Variables: +@Misc{six-four, + key = {six-four}, + title = {{The Six/Four System}}, + note = {\url{http://sourceforge.net/projects/sixfour/}} +} + +%%% Local Variables: %%% mode: latex %%% TeX-master: "tor-design" -%%% End: +%%% End: