dawuud:
>
>> I wonder, in general can we have nice things? Can we finally have a
>> cryptographic messaging system that protects against intersection
>> attacks? To that end I've been putting together a reading list so that
>
> If my understanding is correct, the answer is No. No we cannot prevent
> longterm intersection attacks by using decoy traffic in the
> katzenpost/loopix system because users will go offline and come back
> online later which changes the anonymity set size and thus leaks
> information to a global network observer.
>
> I suspect that there are mixnet use cases which are not vulnerable or
> less vulnerable to this... such that user or application behavior does not
> form a "session" where users send multiple messages over long periods which
> can be linked by a passive observer.
>

What about a store-and-retrieve design? You don't send "to" the receiver (not even indirectly), you send to a mailbox at an unpredictable address (or addresses) in a DHT-like distributed storage system, which is always online. Later, the receiver logs on and retrieves their own messages from their mailbox.

Storage nodes only store stuff for a fixed amount of time and then they drop it, to save space / prevent storage DoS attacks. Participants rely on end-to-end acks to guarantee reliability. If the recipient doesn't ack your message, you assume the network dropped it, and resend it, perhaps to a newly-generated unpredictable address.

Wasn't Jeff Burdges exploring designs in this area at some point? I vaguely remember him talking about it at various events a few years ago.

X

--
GPG: ed25519/56034877E1F87C35
GPG: rsa4096/1318EFAC5FBBDBCE
https://github.com/infinity0/pubkeys.git
_______________________________________________
Messaging mailing list
Messaging@moderncrypto.org
https://moderncrypto.org/mailman/listinfo/messaging
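
The store-and-retrieve flow described in the reply above, simulated end to end as an added example (not code from the post or from any project it mentions). Assumptions: both endpoints share a key and derive mailbox addresses with HMAC over a counter, an in-memory `Storage` class stands in for the DHT-like store, time is counted in ticks, and the receiver polls a fixed window of candidate addresses.

```python
import hashlib
import hmac

TTL = 3  # ticks a storage node keeps a blob (constructed value)

def mailbox_addr(key: bytes, label: bytes, counter: int) -> bytes:
    # Assumption: addresses come from HMAC(shared key, label || counter), so
    # only the two endpoints can predict them. The post does not specify this.
    return hmac.new(key, label + counter.to_bytes(8, "big"), hashlib.sha256).digest()

class Storage:
    """Stand-in for the always-online DHT-like store with fixed retention."""
    def __init__(self):
        self.now, self.slots = 0, {}

    def put(self, addr: bytes, blob: bytes) -> None:
        self.slots[addr] = (self.now + TTL, blob)

    def get(self, addr: bytes):
        expiry, blob = self.slots.get(addr, (0, None))
        return blob if self.now < expiry else None

    def tick(self) -> None:
        self.now += 1
        self.slots = {a: s for a, s in self.slots.items() if s[0] > self.now}

def receiver_poll(store: Storage, key: bytes, window: int) -> list:
    """Receiver logs on, checks its candidate mailboxes, and acks what it finds."""
    got = []
    for c in range(window):
        blob = store.get(mailbox_addr(key, b"msg", c))
        if blob is not None:
            got.append(blob)
            store.put(mailbox_addr(key, b"ack", c), b"ack")
    return got

def send_until_acked(store, key, msg, receiver_online_at, max_tries=5):
    """Sender stores msg, waits for an ack, and on timeout resends to a
    newly derived address. Returns the addresses used, or None if never acked."""
    used = []
    for attempt in range(max_tries):
        used.append(mailbox_addr(key, b"msg", attempt))
        store.put(used[-1], msg)
        for _ in range(TTL - 1):
            store.tick()
            if store.now >= receiver_online_at:  # receiver happens to be online
                receiver_poll(store, key, max_tries)
            if store.get(mailbox_addr(key, b"ack", attempt)) is not None:
                return used
        store.tick()  # retention elapses; the unacked blob is dropped
    return None
```

With the receiver offline past the first retention period, the sender ends up using two unrelated addresses and the first blob is gone from storage by the time the second is acked.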