The recently published anonymity trilemma paper is fascinating, and points out the tradeoff between bandwidth, latency and anonymity; note the very interesting graph at the top of page 16, and that Loopix holds an interesting position on this graph:
Anonymity Trilemma: Strong Anonymity, Low Bandwidth Overhead, Low Latency—Choose Two by Debajyoti Das, Sebastian Meiser, Esfandiar Mohammadi, Aniket Kate https://eprint.iacr.org/2017/954.pdf The recent Loopix paper explores this tradeoff in the context of a continuous time mix strategy called the Poisson mix: The Loopix Anonymity System by Ania M. Piotrowska, Jamie Hayes, Tariq Elahi, Sebastian Meiser, George Danezis https://www.esat.kuleuven.be/cosic/publications/article-2830.pdf No need to cry about bandwidth usage if we are willing to sacrifice the low latency and replace it with "medium latency". Instead of using constant time padding or decoy traffic we can instead make use of a Poisson process which samples from an exponential distribution. Loopix clients use a FIFO queue for sending messages where items are removed from the queue and sent based on time intervals from the Poisson process. If queue is empty send decoys. Unsure how well this will work on phones... (especially dubious if they go to sleep) Hopefully in the coming years we will see more research into these tradeoffs and concrete tuning parameters for Loopix and other similar designs. :) Like Holger Krekel said, perhaps mixnets can help. This is our long term plan. For short term solutions of course use Tor! (Tor is very obviously the best currently deployed anonymous communication protocol) ♥λⒶ 😼 enjoy the reads Cheers, David On Sun, Jan 27, 2019 at 02:05:32AM -0500, grarpamp wrote: > DeepCorr: Strong Flow Correlation Attacks on Tor Using Deep Learning > https://arxiv.org/pdf/1808.07285 > > Some assert that the only way to beat this > class (general timing and traffic analysis) is > with full time regulated fill traffic. > Then people cry bandwidth... before realizing the > selectability of the committed rate is pursuant > to their needs, and being no more than they can > get, or would use, over non-fill nets anyways. > Or with a, unusable for low latency..., random store > forward lossy additive mixes... being a non general > and gappy form of fill anyway. > > Are there any papers covering potential schemes for > managing traffic fill (negotiation of rates, dynamic > yielding to take on wheat presented, hop by hop > vs network wide awareness and control mechanisms, > dropping nodes that fail to fill per negotiation, etc)? > _______________________________________________ > Messaging mailing list > [email protected] > https://moderncrypto.org/mailman/listinfo/messaging
signature.asc
Description: PGP signature
_______________________________________________ Messaging mailing list [email protected] https://moderncrypto.org/mailman/listinfo/messaging
