[Remops] Comparison between two practical mix designs (Mixmaster vs. Reliable) (fwd from peter@palfrader.org)
- Forwarded message from Peter Palfrader [EMAIL PROTECTED] - From: Peter Palfrader [EMAIL PROTECTED] Date: Tue, 30 Mar 2004 15:30:03 +0200 To: [EMAIL PROTECTED] Subject: [Remops] Comparison between two practical mix designs (Mixmaster vs. Reliable) User-Agent: Mutt/1.5.5.1+cvs20040105i Hi, you may be interested in a paper by Claudia Diaz, Len Sassaman, and Evelyne Dewitte. Evelyne is a statistician and Claudia an anonymity researcher, both at the University of Leuven, Belgium. Abstract: We evaluate the anonymity provided by two popular email mix implementations, Mixmaster and Reliable, and compare their effectiveness through the use of simulations which model the algorithms used by these mixing applications. In order to draw accurate conclusions about the operation of these mixes, we use as our input to these simulations actual traffic data obtained from a public anonymous remailer (mix node). We determine that assumptions made in previous literature about the distribution of mix input traffic are incorrect, and our analysis of the input traffic shows that it follows no known distribution. We establish for the first time that a lower bound exists on the anonymity of Mixmaster, and discover that under certain circumstances the algorithm used by Reliable provides no anonymity. We find that the upper bound on anonymity provided by Mixmaster is slightly higher than that provided by Reliable. We identify flaws in the software code in Reliable that further compromise its ability to provide anonymity, and review key areas which are necessary for the security of a mix in addition to a sound algorithm. Our analysis can be used to evaluate under which circumstances the two mixing algorithms should be utilized to best achieve anonymity and satisfy their purpose. Our work can also be used as a framework for establishing a security review process for mix node deployments. The full paper can be found at http://www.abditum.com/~rabbi/mixvreliable.pdf Note that this is still a draft. -- Stats, Metastats, All Pingers' List, RemSaint, Keyrings: http://www.noreply.org/ Echolot - a pinger for Anonymous Remailers - http://www.palfrader.org/echolot/ ___ Remops mailing list [EMAIL PROTECTED] http://freedom.gmsociety.org/mailman/listinfo/remops - End forwarded message - -- Eugen* Leitl a href=http://leitl.org;leitl/a __ ICBM: 48.07078, 11.61144http://www.leitl.org 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE http://moleculardevices.org http://nanomachines.net pgp0.pgp Description: PGP signature
[Remops] Comparison between two practical mix designs (Mixmaster vs. Reliable) (fwd from peter@palfrader.org)
- Forwarded message from Peter Palfrader [EMAIL PROTECTED] - From: Peter Palfrader [EMAIL PROTECTED] Date: Tue, 30 Mar 2004 15:30:03 +0200 To: [EMAIL PROTECTED] Subject: [Remops] Comparison between two practical mix designs (Mixmaster vs. Reliable) User-Agent: Mutt/1.5.5.1+cvs20040105i Hi, you may be interested in a paper by Claudia Diaz, Len Sassaman, and Evelyne Dewitte. Evelyne is a statistician and Claudia an anonymity researcher, both at the University of Leuven, Belgium. Abstract: We evaluate the anonymity provided by two popular email mix implementations, Mixmaster and Reliable, and compare their effectiveness through the use of simulations which model the algorithms used by these mixing applications. In order to draw accurate conclusions about the operation of these mixes, we use as our input to these simulations actual traffic data obtained from a public anonymous remailer (mix node). We determine that assumptions made in previous literature about the distribution of mix input traffic are incorrect, and our analysis of the input traffic shows that it follows no known distribution. We establish for the first time that a lower bound exists on the anonymity of Mixmaster, and discover that under certain circumstances the algorithm used by Reliable provides no anonymity. We find that the upper bound on anonymity provided by Mixmaster is slightly higher than that provided by Reliable. We identify flaws in the software code in Reliable that further compromise its ability to provide anonymity, and review key areas which are necessary for the security of a mix in addition to a sound algorithm. Our analysis can be used to evaluate under which circumstances the two mixing algorithms should be utilized to best achieve anonymity and satisfy their purpose. Our work can also be used as a framework for establishing a security review process for mix node deployments. The full paper can be found at http://www.abditum.com/~rabbi/mixvreliable.pdf Note that this is still a draft. -- Stats, Metastats, All Pingers' List, RemSaint, Keyrings: http://www.noreply.org/ Echolot - a pinger for Anonymous Remailers - http://www.palfrader.org/echolot/ ___ Remops mailing list [EMAIL PROTECTED] http://freedom.gmsociety.org/mailman/listinfo/remops - End forwarded message - -- Eugen* Leitl a href=http://leitl.org;leitl/a __ ICBM: 48.07078, 11.61144http://www.leitl.org 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE http://moleculardevices.org http://nanomachines.net pgp0.pgp Description: PGP signature
