I've read up on a few modern metadata hiding schemes recently. It appears the supposedly information theoretically secure schemes based on DC-nets, like Dissent, Herbivore, etc., would turn out far less secure than mixnets like Sphinx.
I've two reasons for this opinion : First, mixnets hide your metadata with real traffic, while DC-nets hide your metadata with artificial traffic, consuming at least n times as much bandwidth where n is the number of participating server nodes. We should assume that most if not all artificial traffic could realistically be replaced with real traffic, possibly by delaying traffic, so the user base from which your anonymity set is drawn is actually divided by n in the DC-net. Second, any DC-net exposes the full set of participating server nodes, while mixnets expose this set only to the sender, and expose server nodes only pairwise to one another. A priori, it's plausible this makes large "fibered" DC-nets like Herbivore much more vulnerable to intersection type attacks. Also, I suspect mixnet could blur the boundary between client and server nodes somewhat better too. There are scenarios where DC-nets might out perform mixnets, well perhaps DC-nets exhibit lower latency given sufficiently high bandwidth and low actual traffic. In other words, DC-nets might outperform mixnets for hiding the internal metadata of an organization. We encounter an interesting ethical concern here : Should one try to hide the internal metadata of organizations over and above the bulk metadata of the general public? We could use investigative reporting as an example the Dissent paper mentioned wikileaks. It's clear that DC-nets suck for whistleblowers. What about communication between the journalists themselves though? We need an organization that's large enough that hiding internal metadata meaningfully obfuscates its upcoming projects, maybe they employ experts on a wide rang of issues. Yet, we need the organization to be small enough for the DC-nets poor scaling. Sounds quite specific. We could otoh consider an organizations working for more nefarious purposes, like say a corporate board discussing how their vaguely worded edict should be interpreted. It's plausibly my biases impacting what organizations I've considered, but conspiratorial groups seem more malleable in size. Anyways, it's unclear when if ever DC-nets out perform mixnets, but even if they do under some conditions, then those conditions probably favor some users over others. Jeff
signature.asc
Description: This is a digitally signed message part
_______________________________________________ Messaging mailing list [email protected] https://moderncrypto.org/mailman/listinfo/messaging
