mirror of
https://gitlab.torproject.org/tpo/core/tor.git
synced 2024-11-23 20:03:31 +01:00
Several changes to background section, which is still a mess
Added bib file svn:r607
This commit is contained in:
parent
3c526e49ae
commit
f6e202307b
875
doc/tor-design.bib
Normal file
875
doc/tor-design.bib
Normal file
@ -0,0 +1,875 @@
|
|||||||
|
@Misc{anonymizer,
|
||||||
|
key = {anonymizer},
|
||||||
|
title = {The {Anonymizer}},
|
||||||
|
note = {\url{http://www.anonymizer.com}}
|
||||||
|
}
|
||||||
|
|
||||||
|
@Misc{anonnet,
|
||||||
|
key = {anonnet},
|
||||||
|
title = {{AnonNet}},
|
||||||
|
note = {\url{http://www.authnet.org/anonnet/}}
|
||||||
|
}
|
||||||
|
|
||||||
|
@inproceedings{econymics,
|
||||||
|
title = {On the Economics of Anonymity},
|
||||||
|
author = {Alessandro Acquisti and Roger Dingledine and Paul Syverson},
|
||||||
|
booktitle = {Financial Cryptography, FC 2003},
|
||||||
|
year = {2003},
|
||||||
|
editor = {Rebecca N. Wright},
|
||||||
|
publisher = {Springer-Verlag, LNCS 2742},
|
||||||
|
note = {\url{http://freehaven.net/doc/fc03/econymics.pdf}},
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
@inproceedings{minion-design,
|
||||||
|
title = {Mixminion: Design of a Type {III} Anonymous Remailer Protocol},
|
||||||
|
author = {George Danezis and Roger Dingledine and Nick Mathewson},
|
||||||
|
booktitle = {2003 IEEE Symposium on Security and Privacy},
|
||||||
|
year = {2003},
|
||||||
|
month = {May},
|
||||||
|
publisher = {IEEE CS},
|
||||||
|
pages = {2--15},
|
||||||
|
note = {\url{http://mixminion.net/minion-design.pdf}},
|
||||||
|
www_important = {1},
|
||||||
|
www_section = {Anonymous communication},
|
||||||
|
}
|
||||||
|
|
||||||
|
@inproceedings{ rao-pseudonymity,
|
||||||
|
author = "Josyula R. Rao and Pankaj Rohatgi",
|
||||||
|
title = "Can Pseudonymity Really Guarantee Privacy?",
|
||||||
|
booktitle = "Proceedings of the Ninth USENIX Security Symposium",
|
||||||
|
year = {2000},
|
||||||
|
month = Aug,
|
||||||
|
publisher = {USENIX},
|
||||||
|
pages = "85--96",
|
||||||
|
note = {\url{http://www.usenix.org/publications/library/proceedings/sec2000/
|
||||||
|
full_papers/rao/rao.pdf}},
|
||||||
|
}
|
||||||
|
|
||||||
|
@InProceedings{pfitzmann90how,
|
||||||
|
author = "Birgit Pfitzmann and Andreas Pfitzmann",
|
||||||
|
title = "How to Break the Direct {RSA}-Implementation of {MIXes}",
|
||||||
|
booktitle = {Eurocrypt 89},
|
||||||
|
publisher = {Springer-Verlag, LNCS 434},
|
||||||
|
year = {1990},
|
||||||
|
note = {\url{http://citeseer.nj.nec.com/pfitzmann90how.html}},
|
||||||
|
}
|
||||||
|
|
||||||
|
@Misc{mixminion-spec,
|
||||||
|
author = {Mixminion},
|
||||||
|
title = {Type {III} ({M}ixminion) Mix Protocol Specifications},
|
||||||
|
note = {\newline \url{http://mixminion.net/minion-spec.txt}},
|
||||||
|
}
|
||||||
|
|
||||||
|
@InProceedings{BM:mixencrypt,
|
||||||
|
author = {M{\"o}ller, Bodo},
|
||||||
|
title = {Provably Secure Public-Key Encryption for Length-Preserving Chaumian Mixes},
|
||||||
|
booktitle = {{CT-RSA} 2003},
|
||||||
|
publisher = {Springer-Verlag, LNCS 2612},
|
||||||
|
year = 2003,
|
||||||
|
}
|
||||||
|
|
||||||
|
% Would a more recent reference for SPRPs be more useful?
|
||||||
|
@Article{sprp,
|
||||||
|
author = {Michael Luby and Charles Rackoff},
|
||||||
|
title = {How to Construct Pseudorandom Permutations from
|
||||||
|
Pseudorandom Functions},
|
||||||
|
journal = {SIAM Journal on Computing},
|
||||||
|
year = {1988},
|
||||||
|
volume = {17},
|
||||||
|
number = {2},
|
||||||
|
pages = {373--386},
|
||||||
|
}
|
||||||
|
|
||||||
|
@InProceedings{back01,
|
||||||
|
author = {Adam Back and Ulf M\"oller and Anton Stiglic},
|
||||||
|
title = {Traffic Analysis Attacks and Trade-Offs in Anonymity Providing Systems},
|
||||||
|
booktitle = {Information Hiding (IH 2001)},
|
||||||
|
pages = {245--257},
|
||||||
|
year = 2001,
|
||||||
|
editor = {Ira S. Moskowitz},
|
||||||
|
publisher = {Springer-Verlag, LNCS 2137},
|
||||||
|
note = {\newline \url{http://www.cypherspace.org/adam/pubs/traffic.pdf}},
|
||||||
|
}
|
||||||
|
|
||||||
|
@InProceedings{rackoff93cryptographic,
|
||||||
|
author = {Charles Rackoff and Daniel R. Simon},
|
||||||
|
title = {Cryptographic Defense Against Traffic Analysis},
|
||||||
|
booktitle = {{ACM} Symposium on Theory of Computing},
|
||||||
|
pages = {672--681},
|
||||||
|
year = {1993},
|
||||||
|
note = {\url{http://research.microsoft.com/crypto/dansimon/me.htm}},
|
||||||
|
}
|
||||||
|
|
||||||
|
@InProceedings{freehaven-berk,
|
||||||
|
author = {Roger Dingledine and Michael J. Freedman and David Molnar},
|
||||||
|
title = {The Free Haven Project: Distributed Anonymous Storage Service},
|
||||||
|
booktitle = {Designing Privacy Enhancing Technologies: Workshop
|
||||||
|
on Design Issue in Anonymity and Unobservability},
|
||||||
|
year = {2000},
|
||||||
|
month = {July},
|
||||||
|
editor = {H. Federrath},
|
||||||
|
publisher = {Springer-Verlag, LNCS 2009},
|
||||||
|
note = {\url{http://freehaven.net/papers.html}},
|
||||||
|
}
|
||||||
|
|
||||||
|
@InProceedings{raymond00,
|
||||||
|
author = {J. F. Raymond},
|
||||||
|
title = {{Traffic Analysis: Protocols, Attacks, Design Issues,
|
||||||
|
and Open Problems}},
|
||||||
|
booktitle = {Designing Privacy Enhancing Technologies: Workshop
|
||||||
|
on Design Issue in Anonymity and Unobservability},
|
||||||
|
year = 2000,
|
||||||
|
month = {July},
|
||||||
|
pages = {10-29},
|
||||||
|
editor = {H. Federrath},
|
||||||
|
publisher = {Springer-Verlag, LNCS 2009},
|
||||||
|
}
|
||||||
|
|
||||||
|
@InProceedings{trickle02,
|
||||||
|
author = {Andrei Serjantov and Roger Dingledine and Paul Syverson},
|
||||||
|
title = {From a Trickle to a Flood: Active Attacks on Several
|
||||||
|
Mix Types},
|
||||||
|
booktitle = {Information Hiding (IH 2002)},
|
||||||
|
year = {2002},
|
||||||
|
editor = {Fabien Petitcolas},
|
||||||
|
publisher = {Springer-Verlag, LNCS (forthcoming)},
|
||||||
|
}
|
||||||
|
|
||||||
|
@InProceedings{langos02,
|
||||||
|
author = {Oliver Berthold and Heinrich Langos},
|
||||||
|
title = {Dummy Traffic Against Long Term Intersection Attacks},
|
||||||
|
booktitle = {Privacy Enhancing Technologies (PET 2002)},
|
||||||
|
year = {2002},
|
||||||
|
editor = {Roger Dingledine and Paul Syverson},
|
||||||
|
publisher = {Springer-Verlag, LNCS 2482}
|
||||||
|
}
|
||||||
|
|
||||||
|
@InProceedings{or-discex00,
|
||||||
|
author = {Paul Syverson and Michael Reed and David Goldschlag},
|
||||||
|
title = {{O}nion {R}outing Access Configurations},
|
||||||
|
booktitle = {DARPA Information Survivability Conference and
|
||||||
|
Exposition (DISCEX 2000)},
|
||||||
|
year = {2000},
|
||||||
|
publisher = {IEEE CS Press},
|
||||||
|
pages = {34--40},
|
||||||
|
volume = {1},
|
||||||
|
note = {\newline \url{http://www.onion-router.net/Publications.html}},
|
||||||
|
}
|
||||||
|
|
||||||
|
@Inproceedings{or-pet02,
|
||||||
|
title = {{Towards an Analysis of Onion Routing Security}},
|
||||||
|
author = {Paul Syverson and Gene Tsudik and Michael Reed and
|
||||||
|
Carl Landwehr},
|
||||||
|
booktitle = {Designing Privacy Enhancing Technologies: Workshop
|
||||||
|
on Design Issue in Anonymity and Unobservability},
|
||||||
|
year = 2000,
|
||||||
|
month = {July},
|
||||||
|
pages = {96--114},
|
||||||
|
editor = {H. Federrath},
|
||||||
|
publisher = {Springer-Verlag, LNCS 2009},
|
||||||
|
note = {\url{http://www.onion-router.net/Publications/WDIAU-2000.ps.gz}},
|
||||||
|
}
|
||||||
|
|
||||||
|
@InProceedings{or-ih96,
|
||||||
|
author = {David M. Goldschlag and Michael G. Reed and Paul
|
||||||
|
F. Syverson},
|
||||||
|
title = {Hiding Routing Information},
|
||||||
|
booktitle = {Information Hiding, First International Workshop},
|
||||||
|
pages = {137--150},
|
||||||
|
year = 1996,
|
||||||
|
editor = {R. Anderson},
|
||||||
|
month = {May},
|
||||||
|
publisher = {Springer-Verlag, LNCS 1174},
|
||||||
|
note = {\url{http://www.onion-router.net/Publications/IH-1996.ps.gz}}
|
||||||
|
}
|
||||||
|
|
||||||
|
@Article{or-jsac98,
|
||||||
|
author = {Michael G. Reed and Paul F. Syverson and David
|
||||||
|
M. Goldschlag},
|
||||||
|
title = {Anonymous Connections and Onion Routing},
|
||||||
|
journal = {IEEE Journal on Selected Areas in Communications},
|
||||||
|
year = 1998,
|
||||||
|
volume = 16,
|
||||||
|
number = 4,
|
||||||
|
pages = {482--494},
|
||||||
|
month = {May},
|
||||||
|
note = {\url{http://www.onion-router.net/Publications/JSAC-1998.ps.gz}}
|
||||||
|
}
|
||||||
|
|
||||||
|
@Misc{TLS,
|
||||||
|
author = {T. Dierks and C. Allen},
|
||||||
|
title = {The {TLS} {P}rotocol --- {V}ersion 1.0},
|
||||||
|
howpublished = {IETF RFC 2246},
|
||||||
|
month = {January},
|
||||||
|
year = {1999},
|
||||||
|
note = {\url{http://www.rfc-editor.org/rfc/rfc2246.txt}},
|
||||||
|
}
|
||||||
|
|
||||||
|
@Misc{SMTP,
|
||||||
|
author = {J. Postel},
|
||||||
|
title = {Simple {M}ail {T}ransfer {P}rotocol},
|
||||||
|
howpublished = {IETF RFC 2821 (also STD0010)},
|
||||||
|
month = {April},
|
||||||
|
year = {2001},
|
||||||
|
note = {\url{http://www.rfc-editor.org/rfc/rfc2821.txt}},
|
||||||
|
}
|
||||||
|
|
||||||
|
@Misc{IMAP,
|
||||||
|
author = {M. Crispin},
|
||||||
|
title = {Internet {M}essage {A}ccess {P}rotocol --- {V}ersion 4rev1},
|
||||||
|
howpublished = {IETF RFC 2060},
|
||||||
|
month = {December},
|
||||||
|
year = {1996},
|
||||||
|
note = {\url{http://www.rfc-editor.org/rfc/rfc2060.txt}},
|
||||||
|
}
|
||||||
|
|
||||||
|
@Misc{POP3,
|
||||||
|
author = {J. Myers and M. Rose},
|
||||||
|
title = {Post {O}ffice {P}rotocol --- {V}ersion 3},
|
||||||
|
howpublished = {IETF RFC 1939 (also STD0053)},
|
||||||
|
month = {May},
|
||||||
|
year = {1996},
|
||||||
|
note = {\url{http://www.rfc-editor.org/rfc/rfc1939.txt}},
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
@InProceedings{shuffle,
|
||||||
|
author = {C. Andrew Neff},
|
||||||
|
title = {A Verifiable Secret Shuffle and its Application to E-Voting},
|
||||||
|
booktitle = {8th ACM Conference on Computer and Communications
|
||||||
|
Security (CCS-8)},
|
||||||
|
pages = {116--125},
|
||||||
|
year = 2001,
|
||||||
|
editor = {P. Samarati},
|
||||||
|
month = {November},
|
||||||
|
publisher = {ACM Press},
|
||||||
|
note = {\url{http://www.votehere.net/ada_compliant/ourtechnology/
|
||||||
|
technicaldocs/shuffle.pdf}},
|
||||||
|
}
|
||||||
|
|
||||||
|
@InProceedings{dolev91,
|
||||||
|
author = {Danny Dolev and Cynthia Dwork and Moni Naor},
|
||||||
|
title = {Non-Malleable Cryptography},
|
||||||
|
booktitle = {23rd ACM Symposium on the Theory of Computing (STOC)},
|
||||||
|
pages = {542--552},
|
||||||
|
year = 1991,
|
||||||
|
note = {Updated version at
|
||||||
|
\url{http://citeseer.nj.nec.com/dolev00nonmalleable.html}},
|
||||||
|
}
|
||||||
|
|
||||||
|
@TechReport{rsw96,
|
||||||
|
author = {Ronald L. Rivest and Adi Shamir and David A. Wagner},
|
||||||
|
title = {Time-lock puzzles and timed-release Crypto},
|
||||||
|
year = 1996,
|
||||||
|
type = {MIT LCS technical memo},
|
||||||
|
number = {MIT/LCS/TR-684},
|
||||||
|
month = {February},
|
||||||
|
note = {\newline \url{http://citeseer.nj.nec.com/rivest96timelock.html}},
|
||||||
|
}
|
||||||
|
|
||||||
|
@InProceedings{web-mix,
|
||||||
|
author = {Oliver Berthold and Hannes Federrath and Stefan K\"opsell},
|
||||||
|
title = {Web {MIX}es: A system for anonymous and unobservable
|
||||||
|
{I}nternet access},
|
||||||
|
booktitle = {Designing Privacy Enhancing Technologies: Workshop
|
||||||
|
on Design Issue in Anonymity and Unobservability},
|
||||||
|
editor = {H. Federrath},
|
||||||
|
publisher = {Springer-Verlag, LNCS 2009},
|
||||||
|
pages = {115--129},
|
||||||
|
year = 2000,
|
||||||
|
}
|
||||||
|
|
||||||
|
@InProceedings{disad-free-routes,
|
||||||
|
author = {Oliver Berthold and Andreas Pfitzmann and Ronny Standtke},
|
||||||
|
title = {The disadvantages of free {MIX} routes and how to overcome
|
||||||
|
them},
|
||||||
|
booktitle = {Designing Privacy Enhancing Technologies: Workshop
|
||||||
|
on Design Issue in Anonymity and Unobservability},
|
||||||
|
pages = {30--45},
|
||||||
|
year = 2000,
|
||||||
|
editor = {H. Federrath},
|
||||||
|
publisher = {Springer-Verlag, LNCS 2009},
|
||||||
|
note = {\url{http://www.tik.ee.ethz.ch/~weiler/lehre/netsec/Unterlagen/anon/
|
||||||
|
disadvantages_berthold.pdf}},
|
||||||
|
}
|
||||||
|
|
||||||
|
@InProceedings{boneh00,
|
||||||
|
author = {Dan Boneh and Moni Naor},
|
||||||
|
title = {Timed Commitments},
|
||||||
|
booktitle = {Advances in Cryptology -- {CRYPTO} 2000},
|
||||||
|
pages = {236--254},
|
||||||
|
year = 2000,
|
||||||
|
publisher = {Springer-Verlag, LNCS 1880},
|
||||||
|
note = {\newline \url{http://crypto.stanford.edu/~dabo/abstracts/timedcommit.html}},
|
||||||
|
}
|
||||||
|
|
||||||
|
@InProceedings{goldschlag98,
|
||||||
|
author = {David M. Goldschlag and Stuart G. Stubblebine},
|
||||||
|
title = {Publicly Verifiable Lotteries: Applications of
|
||||||
|
Delaying Functions},
|
||||||
|
booktitle = {Financial Cryptography, FC'98},
|
||||||
|
pages = {214--226},
|
||||||
|
year = 1998,
|
||||||
|
publisher = {Springer-Verlag, LNCS 1465},
|
||||||
|
note = {\newline \url{http://citeseer.nj.nec.com/goldschlag98publicly.html}},
|
||||||
|
}
|
||||||
|
|
||||||
|
@InProceedings{syverson98,
|
||||||
|
author = {Paul Syverson},
|
||||||
|
title = {Weakly Secret Bit Commitment: Applications to
|
||||||
|
Lotteries and Fair Exchange},
|
||||||
|
booktitle = {Computer Security Foundations Workshop (CSFW11)},
|
||||||
|
pages = {2--13},
|
||||||
|
year = 1998,
|
||||||
|
address = {Rockport Massachusetts},
|
||||||
|
month = {June},
|
||||||
|
publisher = {IEEE CS Press},
|
||||||
|
note = {\newline \url{http://chacs.nrl.navy.mil/publications/CHACS/1998/}},
|
||||||
|
}
|
||||||
|
|
||||||
|
@Misc{shoup-iso,
|
||||||
|
author = {Victor Shoup},
|
||||||
|
title = {A Proposal for an {ISO} {S}tandard for Public Key Encryption (version 2.1)},
|
||||||
|
note = {Revised December 20, 2001. \url{http://www.shoup.net/papers/}},
|
||||||
|
}
|
||||||
|
|
||||||
|
@Misc{shoup-oaep,
|
||||||
|
author = {Victor Shoup},
|
||||||
|
title = {{OAEP} Reconsidered},
|
||||||
|
howpublished = {{IACR} e-print 2000/060},
|
||||||
|
note = {\newline \url{http://eprint.iacr.org/2000/060/}},
|
||||||
|
}
|
||||||
|
|
||||||
|
@Misc{oaep-still-alive,
|
||||||
|
author = {E. Fujisaki and D. Pointcheval and T. Okamoto and J. Stern},
|
||||||
|
title = {{RSA}-{OAEP} is Still Alive!},
|
||||||
|
howpublished = {{IACR} e-print 2000/061},
|
||||||
|
note = {\newline \url{http://eprint.iacr.org/2000/061/}},
|
||||||
|
}
|
||||||
|
|
||||||
|
@misc{echolot,
|
||||||
|
author = {Peter Palfrader},
|
||||||
|
title = {Echolot: a pinger for anonymous remailers},
|
||||||
|
note = {\url{http://www.palfrader.org/echolot/}},
|
||||||
|
}
|
||||||
|
|
||||||
|
@Misc{mixmaster-attacks,
|
||||||
|
author = {Lance Cottrell},
|
||||||
|
title = {Mixmaster and Remailer Attacks},
|
||||||
|
note = {\url{http://www.obscura.com/~loki/remailer/remailer-essay.html}},
|
||||||
|
}
|
||||||
|
|
||||||
|
@Misc{mixmaster-spec,
|
||||||
|
author = {Ulf M{\"o}ller and Lance Cottrell and Peter
|
||||||
|
Palfrader and Len Sassaman},
|
||||||
|
title = {Mixmaster {P}rotocol --- {V}ersion 2},
|
||||||
|
year = {2003},
|
||||||
|
month = {July},
|
||||||
|
howpublished = {Draft},
|
||||||
|
note = {\url{http://www.abditum.com/mixmaster-spec.txt}},
|
||||||
|
}
|
||||||
|
|
||||||
|
@Article{mitzenm-loss,
|
||||||
|
author = {G. Louth and M. Mitzenmacher and F.P. Kelly},
|
||||||
|
title = {Computational Complexity of Loss Networks},
|
||||||
|
journal = {Theoretical Computer Science},
|
||||||
|
year = {1994},
|
||||||
|
volume = {125},
|
||||||
|
pages = {45-59},
|
||||||
|
note = {\newline \url{http://citeseer.nj.nec.com/louth94computational.html}},
|
||||||
|
}
|
||||||
|
|
||||||
|
@Misc{hashcash,
|
||||||
|
author = {Adam Back},
|
||||||
|
title = {Hash cash},
|
||||||
|
note = {\newline \url{http://www.cypherspace.org/~adam/hashcash/}},
|
||||||
|
}
|
||||||
|
|
||||||
|
@InProceedings{oreilly-acc,
|
||||||
|
author = {Roger Dingledine and Michael J. Freedman and David Molnar},
|
||||||
|
title = {Accountability},
|
||||||
|
booktitle = {Peer-to-peer: Harnessing the Benefits of a Disruptive
|
||||||
|
Technology},
|
||||||
|
year = {2001},
|
||||||
|
publisher = {O'Reilly and Associates},
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
@InProceedings{han,
|
||||||
|
author = {Yongfei Han},
|
||||||
|
title = {Investigation of non-repudiation protocols},
|
||||||
|
booktitle = {ACISP '96},
|
||||||
|
year = 1996,
|
||||||
|
publisher = {Springer-Verlag},
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
@Misc{socks5,
|
||||||
|
key = {socks5},
|
||||||
|
title = {{SOCKS} {P}rotocol {V}ersion 5},
|
||||||
|
howpublished= {IETF RFC 1928},
|
||||||
|
month = {March},
|
||||||
|
year = 1996,
|
||||||
|
note = {\url{http://www.ietf.org/rfc/rfc1928.txt}}
|
||||||
|
}
|
||||||
|
|
||||||
|
@InProceedings{abe,
|
||||||
|
author = {Masayuki Abe},
|
||||||
|
title = {Universally Verifiable {MIX} With Verification Work Independent of
|
||||||
|
The Number of {MIX} Servers},
|
||||||
|
booktitle = {{EUROCRYPT} 1998},
|
||||||
|
year = {1998},
|
||||||
|
publisher = {Springer-Verlag, LNCS 1403},
|
||||||
|
}
|
||||||
|
|
||||||
|
@InProceedings{desmedt,
|
||||||
|
author = {Yvo Desmedt and Kaoru Kurosawa},
|
||||||
|
title = {How To Break a Practical {MIX} and Design a New One},
|
||||||
|
booktitle = {{EUROCRYPT} 2000},
|
||||||
|
year = {2000},
|
||||||
|
publisher = {Springer-Verlag, LNCS 1803},
|
||||||
|
note = {\url{http://citeseer.nj.nec.com/447709.html}},
|
||||||
|
}
|
||||||
|
|
||||||
|
@InProceedings{mitkuro,
|
||||||
|
author = {M. Mitomo and K. Kurosawa},
|
||||||
|
title = {{Attack for Flash MIX}},
|
||||||
|
booktitle = {{ASIACRYPT} 2000},
|
||||||
|
year = {2000},
|
||||||
|
publisher = {Springer-Verlag, LNCS 1976},
|
||||||
|
note = {\newline \url{http://citeseer.nj.nec.com/450148.html}},
|
||||||
|
}
|
||||||
|
|
||||||
|
@InProceedings{hybrid-mix,
|
||||||
|
author = {M. Ohkubo and M. Abe},
|
||||||
|
title = {A {L}ength-{I}nvariant {H}ybrid {MIX}},
|
||||||
|
booktitle = {Advances in Cryptology - {ASIACRYPT} 2000},
|
||||||
|
year = {2000},
|
||||||
|
publisher = {Springer-Verlag, LNCS 1976},
|
||||||
|
}
|
||||||
|
|
||||||
|
@InProceedings{PShuffle,
|
||||||
|
author = {Jun Furukawa and Kazue Sako},
|
||||||
|
title = {An Efficient Scheme for Proving a Shuffle},
|
||||||
|
editor = {Joe Kilian},
|
||||||
|
booktitle = {CRYPTO 2001},
|
||||||
|
year = {2001},
|
||||||
|
publisher = {Springer-Verlag, LNCS 2139},
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
@InProceedings{jakobsson-optimally,
|
||||||
|
author = "Markus Jakobsson and Ari Juels",
|
||||||
|
title = "An Optimally Robust Hybrid Mix Network (Extended Abstract)",
|
||||||
|
booktitle = {Principles of Distributed Computing - {PODC} '01},
|
||||||
|
year = "2001",
|
||||||
|
publisher = {ACM Press},
|
||||||
|
note = {\url{http://citeseer.nj.nec.com/492015.html}},
|
||||||
|
}
|
||||||
|
|
||||||
|
@InProceedings{kesdogan,
|
||||||
|
author = {D. Kesdogan and M. Egner and T. B\"uschkes},
|
||||||
|
title = {Stop-and-Go {MIX}es Providing Probabilistic Anonymity in an Open
|
||||||
|
System},
|
||||||
|
booktitle = {Information Hiding (IH 1998)},
|
||||||
|
year = {1998},
|
||||||
|
publisher = {Springer-Verlag, LNCS 1525},
|
||||||
|
note = {\url{http://www.cl.cam.ac.uk/~fapp2/ihw98/ihw98-sgmix.pdf}},
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
@InProceedings{socks4,
|
||||||
|
author = {David Koblas and Michelle R. Koblas},
|
||||||
|
title = {{SOCKS}},
|
||||||
|
booktitle = {UNIX Security III Symposium (1992 USENIX Security
|
||||||
|
Symposium)},
|
||||||
|
pages = {77--83},
|
||||||
|
year = 1992,
|
||||||
|
publisher = {USENIX},
|
||||||
|
}
|
||||||
|
|
||||||
|
@InProceedings{flash-mix,
|
||||||
|
author = {Markus Jakobsson},
|
||||||
|
title = {Flash {M}ixing},
|
||||||
|
booktitle = {Principles of Distributed Computing - {PODC} '99},
|
||||||
|
year = {1999},
|
||||||
|
publisher = {ACM Press},
|
||||||
|
note = {\newline \url{http://citeseer.nj.nec.com/jakobsson99flash.html}},
|
||||||
|
}
|
||||||
|
|
||||||
|
@InProceedings{SK,
|
||||||
|
author = {Joe Kilian and Kazue Sako},
|
||||||
|
title = {Receipt-Free {MIX}-Type Voting Scheme - A Practical Solution to
|
||||||
|
the Implementation of a Voting Booth},
|
||||||
|
booktitle = {EUROCRYPT '95},
|
||||||
|
year = {1995},
|
||||||
|
publisher = {Springer-Verlag},
|
||||||
|
}
|
||||||
|
|
||||||
|
@InProceedings{OAEP,
|
||||||
|
author = {M. Bellare and P. Rogaway},
|
||||||
|
year = {1994},
|
||||||
|
booktitle = {EUROCRYPT '94},
|
||||||
|
title = {Optimal {A}symmetric {E}ncryption {P}adding : How To Encrypt With
|
||||||
|
{RSA}},
|
||||||
|
publisher = {Springer-Verlag},
|
||||||
|
note = {\newline \url{http://www-cse.ucsd.edu/users/mihir/papers/oaep.html}},
|
||||||
|
}
|
||||||
|
@inproceedings{babel,
|
||||||
|
title = {Mixing {E}-mail With {B}abel},
|
||||||
|
author = {Ceki G\"ulc\"u and Gene Tsudik},
|
||||||
|
booktitle = {Proceedings of the Network and Distributed Security Symposium - {NDSS} '96},
|
||||||
|
year = 1996,
|
||||||
|
month = {February},
|
||||||
|
pages = {2--16},
|
||||||
|
publisher = {IEEE},
|
||||||
|
www_important = 1,
|
||||||
|
note = {\url{http://citeseer.nj.nec.com/2254.html}},
|
||||||
|
www_section = {Anonymous communication},
|
||||||
|
}
|
||||||
|
|
||||||
|
@InProceedings{freenet,
|
||||||
|
author = {Ian Clarke and Oskar Sandberg and Brandon Wiley and Theodore W. Hong},
|
||||||
|
title = {Freenet: {A} Distributed Anonymous Information Storage and Retrieval
|
||||||
|
System},
|
||||||
|
booktitle = {Workshop on Design Issues in Anonymity and Unobservability},
|
||||||
|
pages = {46--66},
|
||||||
|
year = {2000},
|
||||||
|
note = {\newline \url{http://citeseer.nj.nec.com/clarke00freenet.html}},
|
||||||
|
}
|
||||||
|
|
||||||
|
@Misc{rprocess,
|
||||||
|
author = {RProcess},
|
||||||
|
title = {Selective Denial of Service Attacks},
|
||||||
|
note = {\newline \url{http://www.eff.org/pub/Privacy/Anonymity/1999\_09\_DoS\_remail\_vuln.html}},
|
||||||
|
}
|
||||||
|
|
||||||
|
@Article{remailer-history,
|
||||||
|
author = {Sameer Parekh},
|
||||||
|
title = {Prospects for Remailers},
|
||||||
|
journal = {First Monday},
|
||||||
|
volume = {1},
|
||||||
|
number = {2},
|
||||||
|
month = {August},
|
||||||
|
year = {1996},
|
||||||
|
note = {\url{http://www.firstmonday.dk/issues/issue2/remailers/}},
|
||||||
|
}
|
||||||
|
|
||||||
|
@Misc{remailer-history-old,
|
||||||
|
author = {Tim May},
|
||||||
|
title = {Description of early remailer history},
|
||||||
|
howpublished = {E-mail archived at
|
||||||
|
\url{http://www.inet-one.com/cypherpunks/dir.1996.08.29-1996.09.04/
|
||||||
|
msg00431.html}},
|
||||||
|
}
|
||||||
|
|
||||||
|
@Article{chaum-mix,
|
||||||
|
author = {David Chaum},
|
||||||
|
title = {Untraceable electronic mail, return addresses, and digital pseudo-nyms},
|
||||||
|
journal = {Communications of the ACM},
|
||||||
|
year = {1981},
|
||||||
|
volume = {4},
|
||||||
|
number = {2},
|
||||||
|
month = {February},
|
||||||
|
note = {\url{http://www.eskimo.com/~weidai/mix-net.txt}},
|
||||||
|
}
|
||||||
|
|
||||||
|
@InProceedings{nym-alias-net,
|
||||||
|
author = {David Mazi\`{e}res and M. Frans Kaashoek},
|
||||||
|
title = {{The Design, Implementation and Operation of an Email
|
||||||
|
Pseudonym Server}},
|
||||||
|
booktitle = {$5^{th}$ ACM Conference on Computer and
|
||||||
|
Communications Security (CCS'98)},
|
||||||
|
year = 1998,
|
||||||
|
publisher = {ACM Press},
|
||||||
|
note = {\newline \url{http://www.scs.cs.nyu.edu/~dm/}},
|
||||||
|
}
|
||||||
|
|
||||||
|
@Misc{timmay,
|
||||||
|
author = {Tim May},
|
||||||
|
title = {Cyphernomicon},
|
||||||
|
note = {\newline \url{http://www2.pro-ns.net/~crypto/cyphernomicon.html}},
|
||||||
|
}
|
||||||
|
|
||||||
|
@misc{neochaum,
|
||||||
|
author = {Tim May},
|
||||||
|
title = {Payment mixes for anonymity},
|
||||||
|
howpublished = {E-mail archived at
|
||||||
|
\url{http://\newline www.inet-one.com/cypherpunks/dir.2000.02.28-2000.03.05/msg00334.html}},
|
||||||
|
}
|
||||||
|
|
||||||
|
@misc{pidaho,
|
||||||
|
author = {Joel McNamara},
|
||||||
|
title = {{P}rivate {I}daho},
|
||||||
|
note = {\newline \url{http://www.eskimo.com/~joelm/pi.html}},
|
||||||
|
}
|
||||||
|
|
||||||
|
@misc{potato,
|
||||||
|
author = {RProcess},
|
||||||
|
title = {{P}otato {S}oftware},
|
||||||
|
note = {\newline \url{http://www.skuz.net/potatoware/}},
|
||||||
|
}
|
||||||
|
|
||||||
|
@misc{helsingius,
|
||||||
|
author = {J. Helsingius},
|
||||||
|
title = {{\tt anon.penet.fi} press release},
|
||||||
|
note = {\newline \url{http://www.penet.fi/press-english.html}},
|
||||||
|
}
|
||||||
|
|
||||||
|
@misc{mix-stats,
|
||||||
|
author = {Christian Mock},
|
||||||
|
title = {Mixmaster Stats ({A}ustria)},
|
||||||
|
note = {\newline \url{http://www.tahina.priv.at/~cm/stats/mlist2.html}},
|
||||||
|
}
|
||||||
|
|
||||||
|
@InProceedings{garay97secure,
|
||||||
|
author = {J. Garay and R. Gennaro and C. Jutla and T. Rabin},
|
||||||
|
title = {Secure distributed storage and retrieval},
|
||||||
|
booktitle = {11th International Workshop, WDAG '97},
|
||||||
|
pages = {275--289},
|
||||||
|
year = {1997},
|
||||||
|
publisher = {Springer-Verlag, LNCS 1320},
|
||||||
|
note = {\newline \url{http://citeseer.nj.nec.com/garay97secure.html}},
|
||||||
|
}
|
||||||
|
|
||||||
|
@InProceedings{PIK,
|
||||||
|
author = {C. Park and K. Itoh and K. Kurosawa},
|
||||||
|
title = {Efficient anonymous channel and all/nothing election scheme},
|
||||||
|
booktitle = {Advances in Cryptology -- {EUROCRYPT} '93},
|
||||||
|
pages = {248--259},
|
||||||
|
publisher = {Springer-Verlag, LNCS 765},
|
||||||
|
}
|
||||||
|
|
||||||
|
@Misc{pgpfaq,
|
||||||
|
key = {PGP},
|
||||||
|
title = {{PGP} {FAQ}},
|
||||||
|
note = {\newline \url{http://www.faqs.org/faqs/pgp-faq/}},
|
||||||
|
}
|
||||||
|
|
||||||
|
@Article{riordan-schneier,
|
||||||
|
author = {James Riordan and Bruce Schneier},
|
||||||
|
title = {A Certified E-mail Protocol with No Trusted Third Party},
|
||||||
|
journal = {13th Annual Computer Security Applications Conference},
|
||||||
|
month = {December},
|
||||||
|
year = {1998},
|
||||||
|
note = {\newline \url{http://www.counterpane.com/certified-email.html}},
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
@Article{crowds-tissec,
|
||||||
|
author = {Michael K. Reiter and Aviel D. Rubin},
|
||||||
|
title = {Crowds: Anonymity for Web Transactions},
|
||||||
|
journal = {ACM TISSEC},
|
||||||
|
year = 1998,
|
||||||
|
volume = 1,
|
||||||
|
number = 1,
|
||||||
|
pages = {66--92},
|
||||||
|
month = {November},
|
||||||
|
note = {\url{http://citeseer.nj.nec.com/284739.html}}
|
||||||
|
}
|
||||||
|
|
||||||
|
@Article{crowds-dimacs,
|
||||||
|
author = {Michael K. Reiter and Aviel D. Rubin},
|
||||||
|
title = {Crowds: Anonymity for Web Transactions},
|
||||||
|
journal = {{DIMACS} Technical Report (Revised)},
|
||||||
|
volume = {97},
|
||||||
|
number = {15},
|
||||||
|
month = {August},
|
||||||
|
year = {1997},
|
||||||
|
}
|
||||||
|
|
||||||
|
@Misc{freedom,
|
||||||
|
author = {Zero Knowledge Systems},
|
||||||
|
title = {Freedom Version 2 White Papers},
|
||||||
|
note = {\newline \url{http://www.freedom.net/info/whitepapers/}},
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
@Misc{recovery,
|
||||||
|
author = {Miguel Castro and Barbara Liskov},
|
||||||
|
title = {Proactive Recovery in a Byzantine-Fault-Tolerant System},
|
||||||
|
note = {\newline \url{http://www.pmg.lcs.mit.edu/~castro/application/recovery.pdf}},
|
||||||
|
}
|
||||||
|
|
||||||
|
@Misc{advogato,
|
||||||
|
author = {Raph Levien},
|
||||||
|
title = {Advogato's Trust Metric},
|
||||||
|
note = {\newline \url{http://www.advogato.org/trust-metric.html}},
|
||||||
|
}
|
||||||
|
|
||||||
|
@Misc{rabin-ida,
|
||||||
|
author = {Michael O. Rabin},
|
||||||
|
title = {Efficient Dispersal of Information for security, load balancing,
|
||||||
|
and fault tolerance},
|
||||||
|
booktitle = {Journal of the ACM},
|
||||||
|
year = {1989},
|
||||||
|
volume = {36},
|
||||||
|
number = {2},
|
||||||
|
series = {335--348},
|
||||||
|
month = {April},
|
||||||
|
}
|
||||||
|
|
||||||
|
@PhdThesis{malkin-thesis,
|
||||||
|
author = {Tal Malkin},
|
||||||
|
school = {{MIT}},
|
||||||
|
title = {Private {I}nformation {R}etrieval},
|
||||||
|
year = {2000},
|
||||||
|
note = {\newline \url{http://toc.lcs.mit.edu/~tal/pubs.html}}
|
||||||
|
}
|
||||||
|
|
||||||
|
@Misc{zks,
|
||||||
|
title = {Zero {K}nowledge {S}ystems},
|
||||||
|
note = {\newline \url{http://www.freedom.net/}},
|
||||||
|
}
|
||||||
|
|
||||||
|
@InProceedings{publius,
|
||||||
|
author = {Marc Waldman and Aviel Rubin and Lorrie Cranor},
|
||||||
|
title = {Publius: {A} robust, tamper-evident, censorship-resistant and
|
||||||
|
source-anonymous web publishing system},
|
||||||
|
booktitle = {Proc. 9th USENIX Security Symposium},
|
||||||
|
pages = {59--72},
|
||||||
|
year = {2000},
|
||||||
|
month = {August},
|
||||||
|
note = {\newline \url{http://citeseer.nj.nec.com/waldman00publius.html}},
|
||||||
|
}
|
||||||
|
|
||||||
|
@Misc{freedom-nyms,
|
||||||
|
author = {Russell Samuels},
|
||||||
|
title = {Untraceable Nym Creation on the {F}reedom {N}etwork},
|
||||||
|
year = {1999},
|
||||||
|
month = {November},
|
||||||
|
day = {21},
|
||||||
|
note = {\newline \url{http://www.freedom.net/products/whitepapers/white11.html}},
|
||||||
|
}
|
||||||
|
|
||||||
|
@Article{raghavan87randomized,
|
||||||
|
author = {P. Raghavan and C. Thompson},
|
||||||
|
title = {Randomized rounding: A technique for provably good algorithms and algorithmic proofs},
|
||||||
|
journal = {Combinatorica},
|
||||||
|
volume = {7},
|
||||||
|
pages = {365--374},
|
||||||
|
year = {1987},
|
||||||
|
}
|
||||||
|
|
||||||
|
@InProceedings{leighton91fast,
|
||||||
|
author = {Frank Thomson Leighton and Fillia Makedon and Serge A. Plotkin and
|
||||||
|
Clifford Stein and Eva Tardos and Spyros Tragoudas},
|
||||||
|
title = {Fast Approximation Algorithms for Multicommodity Flow Problems},
|
||||||
|
booktitle = {{ACM} Symposium on Theory of Computing},
|
||||||
|
pages = {101-111},
|
||||||
|
year = {1991},
|
||||||
|
note = {\newline \url{http://citeseer.nj.nec.com/91073.html}},
|
||||||
|
}
|
||||||
|
|
||||||
|
@Misc{pk-relations,
|
||||||
|
author = {M. Bellare and A. Desai and D. Pointcheval and P. Rogaway},
|
||||||
|
title = {Relations Among Notions of Security for Public-Key Encryption
|
||||||
|
Schemes},
|
||||||
|
howpublished = {
|
||||||
|
Extended abstract in {\em Advances in Cryptology - CRYPTO '98}, LNCS Vol. 1462.
|
||||||
|
Springer-Verlag, 1998.
|
||||||
|
Full version available from \newline \url{http://www-cse.ucsd.edu/users/mihir/}},
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
@InProceedings{mix-acc,
|
||||||
|
author = {Roger Dingledine and Michael J. Freedman and David
|
||||||
|
Hopwood and David Molnar},
|
||||||
|
title = {{A Reputation System to Increase MIX-net
|
||||||
|
Reliability}},
|
||||||
|
booktitle = {Information Hiding (IH 2001)},
|
||||||
|
pages = {126--141},
|
||||||
|
year = 2001,
|
||||||
|
editor = {Ira S. Moskowitz},
|
||||||
|
publisher = {Springer-Verlag, LNCS 2137},
|
||||||
|
note = {\url{http://www.freehaven.net/papers.html}},
|
||||||
|
}
|
||||||
|
|
||||||
|
@InProceedings{casc-rep,
|
||||||
|
author = {Roger Dingledine and Paul Syverson},
|
||||||
|
title = {{Reliable MIX Cascade Networks through Reputation}},
|
||||||
|
booktitle = {Financial Cryptography (FC '02)},
|
||||||
|
year = 2002,
|
||||||
|
editor = {Matt Blaze},
|
||||||
|
publisher = {Springer-Verlag, LNCS (forthcoming)},
|
||||||
|
note = {\newline \url{http://www.freehaven.net/papers.html}},
|
||||||
|
}
|
||||||
|
|
||||||
|
@InProceedings{zhou96certified,
|
||||||
|
author = {Zhou and Gollmann},
|
||||||
|
title = {Certified Electronic Mail},
|
||||||
|
booktitle = {{ESORICS: European Symposium on Research in Computer
|
||||||
|
Security}},
|
||||||
|
publisher = {Springer-Verlag, LNCS 1146},
|
||||||
|
year = {1996},
|
||||||
|
note = {\newline \url{http://citeseer.nj.nec.com/zhou96certified.html}},
|
||||||
|
}
|
||||||
|
|
||||||
|
@Misc{realtime-mix,
|
||||||
|
author = {Anja Jerichow and Jan M\"uller and Andreas Pfitzmann and
|
||||||
|
Birgit Pfitzmann and Michael Waidner},
|
||||||
|
title = {{Real-Time MIXes: A Bandwidth-Efficient Anonymity Protocol}},
|
||||||
|
howpublished = {IEEE Journal on Selected Areas in Communications, 1998.},
|
||||||
|
note = {\url{http://www.zurich.ibm.com/security/publications/1998.html}},
|
||||||
|
}
|
||||||
|
|
||||||
|
@InProceedings{BEAR-LIONESS,
|
||||||
|
author = {Ross Anderson and Eli Biham},
|
||||||
|
title = {Two Practical and Provably Secure Block Ciphers: {BEAR} and {LION}},
|
||||||
|
booktitle = {International Workshop on Fast Software Encryption},
|
||||||
|
year = {1996},
|
||||||
|
publisher = {Springer-Verlag},
|
||||||
|
note = {\url{http://citeseer.nj.nec.com/anderson96two.html}},
|
||||||
|
}
|
||||||
|
|
||||||
|
@Misc{SPC,
|
||||||
|
author = {Daniel Bleichenbacher and Anand Desai},
|
||||||
|
title = {A Construction of a Super-Pseudorandom Cipher},
|
||||||
|
howpublished = {Manuscript},
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
@InProceedings{gap-pets03,
|
||||||
|
author = {Krista Bennett and Christian Grothoff},
|
||||||
|
title = {{GAP} -- practical anonymous networking},
|
||||||
|
booktitle = {Privacy Enhancing Technologies (PET 2003)},
|
||||||
|
year = 2003,
|
||||||
|
editor = {Roger Dingledine},
|
||||||
|
publisher = {Springer-Verlag LNCS (forthcoming)}
|
||||||
|
}
|
||||||
|
|
||||||
|
@Article{hordes-jcs,
|
||||||
|
author = {Brian Neal Levine and Clay Shields},
|
||||||
|
title = {Hordes: A Multicast-Based Protocol for Anonymity},
|
||||||
|
journal = {Journal of Computer Security},
|
||||||
|
year = 2002,
|
||||||
|
volume = 10,
|
||||||
|
number = 3,
|
||||||
|
pages = {213--240}
|
||||||
|
}
|
||||||
|
|
||||||
|
@TechReport{herbivore,
|
||||||
|
author = {Sharad Goel and Mark Robson and Milo Polte and Emin G\"{u}n Sirer},
|
||||||
|
title = {Herbivore: A Scalable and Efficient Protocol for Anonymous Communication},
|
||||||
|
institution = {Cornell University Computing and Information Science},
|
||||||
|
year = 2003,
|
||||||
|
type = {Technical Report},
|
||||||
|
number = {TR2003-1890},
|
||||||
|
month = {February}
|
||||||
|
}
|
||||||
|
|
||||||
|
@InProceedings{p5,
|
||||||
|
author = {Rob Sherwood and Bobby Bhattacharjee and Aravind Srinivasan},
|
||||||
|
title = {$P^5$: A Protocol for Scalable Anonymous Communication},
|
||||||
|
booktitle = {2002 IEEE Symposium on Security and Privacy},
|
||||||
|
pages = {58--70},
|
||||||
|
year = 2002,
|
||||||
|
publisher = {IEEE CS}
|
||||||
|
}
|
||||||
|
|
||||||
|
%%% Local Variables:
|
||||||
|
%%% mode: latex
|
||||||
|
%%% TeX-master: "tor-design"
|
||||||
|
%%% End:
|
@ -1,8 +1,6 @@
|
|||||||
\documentclass[times,10pt,twocolumn]{article}
|
\documentclass[times,10pt,twocolumn]{article}
|
||||||
%\usepackage{/home/syverson/papers/latex8}
|
|
||||||
%\usepackage{/home/syverson/papers/times}
|
|
||||||
\usepackage{latex8}
|
\usepackage{latex8}
|
||||||
\usepackage{times}
|
%\usepackage{times}
|
||||||
\usepackage{url}
|
\usepackage{url}
|
||||||
\usepackage{graphics}
|
\usepackage{graphics}
|
||||||
\usepackage{amsmath}
|
\usepackage{amsmath}
|
||||||
@ -69,7 +67,7 @@ predecessor and successor, but no others. Traffic flowing down the circuit
|
|||||||
is sent in fixed-size \emph{cells}, which are unwrapped by a symmetric key
|
is sent in fixed-size \emph{cells}, which are unwrapped by a symmetric key
|
||||||
at each node, revealing the downstream node. The original onion routing
|
at each node, revealing the downstream node. The original onion routing
|
||||||
project published several design and analysis papers
|
project published several design and analysis papers
|
||||||
\cite{or-journal,or-discex,or-ih,or-pet}. While there was briefly
|
\cite{or-jsac98,or-discex00,or-ih96,or-pet02}. While there was briefly
|
||||||
a network of about a dozen nodes at three widely distributed sites,
|
a network of about a dozen nodes at three widely distributed sites,
|
||||||
the only long-running and publicly accessible
|
the only long-running and publicly accessible
|
||||||
implementation was a fragile proof-of-concept that ran on a single
|
implementation was a fragile proof-of-concept that ran on a single
|
||||||
@ -102,19 +100,25 @@ program without modification.
|
|||||||
onion routing design built one circuit for each request. Aside from the
|
onion routing design built one circuit for each request. Aside from the
|
||||||
performance issues of doing public key operations for every request, it
|
performance issues of doing public key operations for every request, it
|
||||||
also turns out that regular communications patterns mean building lots
|
also turns out that regular communications patterns mean building lots
|
||||||
of circuits can endanger anonymity \cite{wright03}. Tor multiplexes many
|
of circuits, which can endanger anonymity \cite{wright03}. [XXX Was this
|
||||||
|
supposed to be Wright02 or Wright03. In any case I am hesitant to cite
|
||||||
|
that work in this context. While the point is valid in general, that
|
||||||
|
work is predicated on assumptions that I don't think typically apply
|
||||||
|
to onion routing (whether old or new design).]
|
||||||
|
Tor multiplexes many
|
||||||
connections down each circuit, but still rotates the circuit periodically
|
connections down each circuit, but still rotates the circuit periodically
|
||||||
to avoid too much linkability.
|
to avoid too much linkability.
|
||||||
|
|
||||||
\item \textbf{No mixing or traffic shaping:} The original onion routing
|
\item \textbf{No mixing or traffic shaping:} The original onion routing
|
||||||
design called for full link padding both between onion routers and between
|
design called for full link padding both between onion routers and between
|
||||||
onion proxies (that is, users) and onion routers \cite{or-journal}. The
|
onion proxies (that is, users) and onion routers \cite{or-jsac98}. The
|
||||||
later analysis paper \cite{or-pet} suggested \emph{traffic shaping}
|
later analysis paper \cite{or-pet02} suggested \emph{traffic shaping}
|
||||||
to provide similar protection but use less bandwidth, but did not go
|
to provide similar protection but use less bandwidth, but did not go
|
||||||
into detail. However, recent research \cite{econymics} and deployment
|
into detail. However, recent research \cite{econymics} and deployment
|
||||||
experience \cite{freedom2-arch} indicate that this level of resource
|
experience \cite{freedom} indicate that this level of resource
|
||||||
use is not practical or economical; and even full link padding is still
|
use is not practical or economical; and even full link padding is still
|
||||||
vulnerable to active attacks \cite{defensive-dropping}.
|
vulnerable to active attacks \cite{defensive-dropping}. [XXX what is being
|
||||||
|
referenced here, Dogan?]
|
||||||
|
|
||||||
\item \textbf{Leaky pipes:} Through in-band signalling within the circuit,
|
\item \textbf{Leaky pipes:} Through in-band signalling within the circuit,
|
||||||
Tor initiators can direct traffic to nodes partway down the circuit. This
|
Tor initiators can direct traffic to nodes partway down the circuit. This
|
||||||
@ -179,27 +183,40 @@ through a path composed of Mix servers. Mix servers in turn decrypt, delay,
|
|||||||
and re-order messages, before relay them along the path towards their
|
and re-order messages, before relay them along the path towards their
|
||||||
destinations.
|
destinations.
|
||||||
|
|
||||||
Subsequent relay-based anonymity designs have diverged in two principal
|
Subsequent relay-based anonymity designs have diverged in two
|
||||||
directions. Some have, such as Babel\cite{babel}, Mixmaster\cite{mixmaster},
|
principal directions. Some have attempted to maximize anonymity at
|
||||||
and Mixminion\cite{minion-design}, attempt to maximize anonymity at the cost
|
the cost of introducing comparatively large and variable latencies,
|
||||||
of introducing comparatively large and variable latencies. Because of this
|
for example, Babel\cite{babel}, Mixmaster\cite{mixmaster-spec}, and
|
||||||
|
Mixminion\cite{minion-design}. Because of this
|
||||||
decision, such \emph{high-latency} networks are well-suited for anonymous
|
decision, such \emph{high-latency} networks are well-suited for anonymous
|
||||||
email, but introduce too much lag for interactive tasks such as web browsing,
|
email, but introduce too much lag for interactive tasks such as web browsing,
|
||||||
internet chat, or SSH connections.
|
internet chat, or SSH connections.
|
||||||
|
|
||||||
Tor belongs to the second category: \emph{low-latency} designs that attempt
|
Tor belongs to the second category: \emph{low-latency} designs that
|
||||||
to anonymize interactive network traffic. Because such traffic tends to
|
attempt to anonymize interactive network traffic. Because such
|
||||||
involve a relatively large numbers of packets, it is difficult to prevent an
|
traffic tends to involve a relatively large numbers of packets, it is
|
||||||
attacker who can eavesdrop entry and exit points from correlating packets
|
difficult to prevent an attacker who can eavesdrop entry and exit
|
||||||
entering the anonymity network with packets leaving it. Although some
|
points from correlating packets entering the anonymity network with
|
||||||
work has been done to frustrate these attacks, they still...
|
packets leaving it. Although some work has been done to frustrate
|
||||||
|
these attacks, most designs protect primarily against traffic analysis
|
||||||
|
rather than traffic confirmation \cite{or-jsac98}. One can pad and
|
||||||
|
limit communication to a constant rate or at least to control the
|
||||||
|
variation in traffic shape. This can have prohibitive bandwidth costs
|
||||||
|
and/or performance limitations. One can also use a cascade (fixed
|
||||||
|
shared route) with a relatively fixed set of users. This assumes a
|
||||||
|
degree of agreement and provides an easier target for an active
|
||||||
|
attacker since the endpoints are generally known. However, a practical
|
||||||
|
network with both of these features has been run for many years
|
||||||
|
\cite{web-mix}.
|
||||||
|
|
||||||
|
they still...
|
||||||
[XXX go on to explain how the design choices implied in low-latency result in
|
[XXX go on to explain how the design choices implied in low-latency result in
|
||||||
significantly different designs.]
|
significantly different designs.]
|
||||||
|
|
||||||
The simplest low-latency designs are single-hop proxies such as the
|
The simplest low-latency designs are single-hop proxies such as the
|
||||||
Anonymizer, wherein a single trusted server removes identifying users' data
|
Anonymizer \cite{anonymizer}, wherein a single trusted server removes
|
||||||
before relaying it. These designs are easy to analyze, but require end-users
|
identifying users' data before relaying it. These designs are easy to
|
||||||
to trust the anonymizing proxy.
|
analyze, but require end-users to trust the anonymizing proxy.
|
||||||
|
|
||||||
More complex are distributed-trust, channel-based anonymizing systems. In
|
More complex are distributed-trust, channel-based anonymizing systems. In
|
||||||
these designs, a user establishes one or more medium-term bidirectional
|
these designs, a user establishes one or more medium-term bidirectional
|
||||||
@ -209,13 +226,32 @@ tunnel. Establishing tunnels is comparatively expensive and typically
|
|||||||
requires public-key cryptography, whereas relaying packets along a tunnel is
|
requires public-key cryptography, whereas relaying packets along a tunnel is
|
||||||
comparatively inexpensive. Because a tunnel crosses several servers, no
|
comparatively inexpensive. Because a tunnel crosses several servers, no
|
||||||
single server can learn the user's communication partners.
|
single server can learn the user's communication partners.
|
||||||
[XXX give examples.]
|
|
||||||
[XXX Everybody I know except Crowds and gnunet is in this category. Am I
|
|
||||||
right?]
|
|
||||||
|
|
||||||
[XXX Should we add a paragraph dividing servers by all-at-once approach to
|
Systems such as earlier versions of Freedom and onion routing
|
||||||
tunnel-building (OR1,Freedom1) versus piecemeal approach
|
build the anonymous channel all at once (using an onion). Later
|
||||||
(OR2,Anonnet?,Freedom2) ?]
|
designs of each of these build the channel in stages as does AnonNet
|
||||||
|
\cite{anonnet}. Amongst other things, this makes perfect forward
|
||||||
|
secrecy feasible.
|
||||||
|
|
||||||
|
Some systems, such as Crowds \cite{crowds-tissec}, do not rely on the
|
||||||
|
changing appearance of packets to hide the path; rather they employ
|
||||||
|
mechanisms so that an intermediary cannot be sure when it is
|
||||||
|
receiving/sending to the ultimate initiator. There is no public-key
|
||||||
|
encryption needed for Crowds, but the responder and all data are
|
||||||
|
visible to all nodes on the path so that anonymity of connection
|
||||||
|
initiator depends on filtering all identifying information from the
|
||||||
|
data stream. Crowds is also designed only for HTTP traffic.
|
||||||
|
|
||||||
|
Hordes \cite{hordes-jcs} is based on Crowds but also uses multicast
|
||||||
|
responses to hide the initiator. Some systems go even further
|
||||||
|
requiring broadcast \cite{herbivore,p5} although tradeoffs are made to
|
||||||
|
make this more practical. Both Herbivore and P5 are designed primarily
|
||||||
|
for communication between communicating peers, although Herbivore
|
||||||
|
permits external connections by requesting a peer to serve as a proxy.
|
||||||
|
Allowing easy connections to nonparticipating responders or recipients
|
||||||
|
is a practical requirement for many users, e.g., to visit
|
||||||
|
nonparticipating Web sites or to send mail to nonparticipating
|
||||||
|
recipients.
|
||||||
|
|
||||||
Distributed-trust anonymizing systems differ in how they prevent attackers
|
Distributed-trust anonymizing systems differ in how they prevent attackers
|
||||||
from controlling too many servers and thus compromising too many user paths.
|
from controlling too many servers and thus compromising too many user paths.
|
||||||
@ -225,6 +261,26 @@ servers, while using a limited resource (DHT space for Tarzan; IP space for
|
|||||||
MorphMix) to prevent an attacker from owning too much of the network.
|
MorphMix) to prevent an attacker from owning too much of the network.
|
||||||
[XXX what else? What does (say) crowds do?]
|
[XXX what else? What does (say) crowds do?]
|
||||||
|
|
||||||
|
All of the above systems Several systems with varying design goals
|
||||||
|
and capabilities but all of which require that communicants be
|
||||||
|
intentionally participating are mentioned here.
|
||||||
|
|
||||||
|
Some involve multicast or more to work
|
||||||
|
herbivore
|
||||||
|
|
||||||
|
There are also many systems which are intended for anonymous
|
||||||
|
and/or censorship resistant file sharing. [XXX Should we list all these
|
||||||
|
or just say it's out of scope for the paper?
|
||||||
|
eternity, gnunet, freenet, freehaven, publius, tangler, taz/rewebber]
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
[XXX Should we add a paragraph dividing servers by all-at-once approach to
|
||||||
|
tunnel-building (OR1,Freedom1) versus piecemeal approach
|
||||||
|
(OR2,Anonnet?,Freedom2) ?]
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
Channel-based anonymizing systems also differ in their use of dummy traffic.
|
Channel-based anonymizing systems also differ in their use of dummy traffic.
|
||||||
[XXX]
|
[XXX]
|
||||||
|
|
||||||
@ -233,6 +289,16 @@ communication. Crowds and [XXX] provide anonymity for HTTP requests; [...]
|
|||||||
|
|
||||||
[XXX Mention error recovery?]
|
[XXX Mention error recovery?]
|
||||||
|
|
||||||
|
Web-MIXes \cite{web-mix} (also known as the Java Anon Proxy or JAP)
|
||||||
|
use a cascade architecture with relatively constant groups of users
|
||||||
|
sending and receiving at a constant rate.
|
||||||
|
|
||||||
|
Some, such as Crowds \cite{crowds-tissec}, do nothing against such
|
||||||
|
confirmation but still make it difficult for nodes along a connection to
|
||||||
|
perform timing confirmations that would more easily identify when
|
||||||
|
the immediate predecessor is the initiator of a connection, which in
|
||||||
|
Crowds would reveal both initiator and responder to the attacker.
|
||||||
|
|
||||||
|
|
||||||
anonymizer
|
anonymizer
|
||||||
pipenet
|
pipenet
|
||||||
@ -338,7 +404,7 @@ issues remaining to be ironed out. In particular:
|
|||||||
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
|
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
|
||||||
|
|
||||||
\bibliographystyle{latex8}
|
\bibliographystyle{latex8}
|
||||||
\bibliography{minion-design}
|
\bibliography{tor-design}
|
||||||
|
|
||||||
\end{document}
|
\end{document}
|
||||||
|
|
||||||
|
Loading…
Reference in New Issue
Block a user