[147103] in cryptography@c2.net mail archive
Re: [Cryptography] Summary of the discussion so far
daemon@ATHENA.MIT.EDU (Perry E. Metzger)
Fri Sep 13 17:03:05 2013
X-Original-To: cryptography@metzdowd.com
Date: Fri, 13 Sep 2013 17:02:28 -0400
From: "Perry E. Metzger" <perry@piermont.com>
To: Nico Williams <nico@cryptonector.com>
In-Reply-To: <20130913204657.GA7718@gmail.com>
Cc: cryptography@metzdowd.com
Errors-To: cryptography-bounces+crypto.discuss=bloom-picayune.mit.edu@metzdowd.com
On Fri, 13 Sep 2013 15:46:58 -0500 Nico Williams
<nico@cryptonector.com> wrote:
> On Fri, Sep 13, 2013 at 03:17:35PM -0400, Perry E. Metzger wrote:
> > On Thu, 12 Sep 2013 14:53:28 -0500 Nico Williams
> > <nico@cryptonector.com> wrote:
> > > Traffic analysis can't really be defeated, not in detail.
> >
> > What's wrong with mix networks?
>
> First: you can probably be observed using them.
Sure, but the plan I described a few weeks ago would presumably end
with hundreds of thousands or millions of users if it worked at all.
> Second: I suspect that to be most effective the mix network also
> has to be most inconvenient (high latency, for example).
Sure, that's true for voice and such. However, for messaging
apps, that's not an issue. See my claims here:
http://www.metzdowd.com/pipermail/cryptography/2013-August/016874.html
(That was part of a three message sequence that began with these two:
http://www.metzdowd.com/pipermail/cryptography/2013-August/016870.html
and
http://www.metzdowd.com/pipermail/cryptography/2013-August/016872.html
but only the second of those two is really relevant to this
particular discussion.)
> Third: the mix network had better cross multiple jurisdictions that
> are not accustomed to cooperating with each other. This seems very
> difficult to arrange.
That's important for onion networks, not mix networks. I understand
that the distinction isn't well understood by most, but it can be
summarized thus: an onion network depends on no one observing the
whole network to provide security, while a mix network uses
sufficient cover traffic and delay induction to prevent people from
being able to learn much even if they can observe the whole network
and control a minority of nodes.
Perry
--
Perry E. Metzger perry@piermont.com
_______________________________________________
The cryptography mailing list
cryptography@metzdowd.com
http://www.metzdowd.com/mailman/listinfo/cryptography
