
Interesting research. We won't know how impressive it is until the kinds of people that break Tor give it a thorough analysis. Otherwise, it might be a scheme that simply de-anonymizes users faster than the competition. I'll add that combining anonymity and performance seems to be one of the hardest security problems to get right with so much left to learn. So, I don't trust anything that does that, including Tor.

Asynchronous, non-real-time schemes that look like vanilla web traffic are the best. Especially using covert channels. However, my method is to do face-to-face when possible and otherwise use burner PCs, LiveCDs, and random Wifi hotspots. Tor or proxies optionally as an extra layer of difficulty depending on what I'm doing.




"Asynchronous, non-real-time schemes that look like vanilla web traffic are the best."

It's a shame that high-latency mix networks died out with Mixminion [1] a few years ago. There's a lot of interesting research that never got implemented, that would, in my opinion, bring us a lot closer to truly anonymous email.

If this is a topic you find interesting, take a look at the Pynchon Gate [2]. It's a private information retrieval system, proposed by Sassaman (Mixmaster), Cohen (Bittorrent), and Nick Mathewson (Tor), that had a lot of interesting ideas about how to facilitate the anonymous retrieval of email.

It was never implemented, but it's a very approachable paper that serves as an excellent introduction to the incredible world of anonymity networks.

[1] https://github.com/mixminion/mixminion/

[2] http://freehaven.net/anonbib/cache/sassaman:wpes2005.pdf (PDF Warning)


Oh yeah, good ole Mixminion. Yeah, the mix networks were the most promising. Thanks for the paper. That sure is a near-dream team of writers. I'll read it later.


No problem! I could talk for hours about mix networks. If you enjoy that paper, there's a few follow-up papers they wrote that examine some possible threat vectors and possible solutions. All in all, it's a very interesting system.

If you're ever looking for more reading on the subject, I'd recommend all of the starred papers on Free Haven [1]

[1] http://freehaven.net/anonbib/date.html


Oh I love that site. Periodically skim it for interesting reads. Btw, is there a way to contact you or a place you usually frequent if I do get involved in a mix project? My limited resources and memory troubles make it unlikely. However, if I or someone I meet is into it then it would help to have someone that can bring people up to speed on the subject.


I'm not actually involved in any mix-related projects (Though I'd love to be if I ever find the time), but I'm always happy to talk about them.

You can reach me at this username at gmail.com


Saved. :)


>I'll add that combining anonymity and performance seems to be one of the hardest security problems to get right with so much left to learn.

A certain penalty in both available bandwidth and latency seems unavoidable in any distributed onion anonymization system, but one practical issue may actually be something that I think doesn't get brought up nearly often enough in this context: a plain and simple lack of raw bandwidth. In other words, more practical anonymity would be yet another emergent benefit/application of near universal FTTH gigabit+ class connections. While some applications can use as much bandwidth and as low latency as it's possible to provide, many popular, commonly used ones on the present Internet instead have a value beyond which there are few further benefits. One of the hungrier applications for example is streaming video, but once someone is stably hitting ~50-100 Mbps they're already at what a full quality Blu-ray would offer, even without H.265, and with H.265 even 4K is going to look pretty great.

So if a given anonymity network had an overall overhead of 90%, or even 95%, well that's certainly significant. But at the same time if someone has 1 Gbps to throw at it, then even 5-10% remaining would still result in more effective bandwidth available than large percentages of the population have raw right now, and more importantly enough for most of the current popular web applications. It would also have additional implications for the health and participation rates of the anonymity network, particularly given that fiber links are symmetrical. These networks in general need significant donations of bandwidth on the part of users to work effectively. When many, if not most users don't have that much available, period, then that can be tough: for somebody stuck on a 6/1 ADSL link giving up even a few hundred kbps could be painful. Whereas with an abundance, many if not most users would never even notice having 500+ Mbps serving as relay capacity at all times. This would further improve the overall value of the network, encouraging further use, and creating a virtuous circle.

Doing more with less is certainly very important, but no one should lose sight of how much in computer science has come from just plain having more. Anonymity networks would be best if they weren't "anonymity networks" per se, but rather simply "the network", as in what most people could use to accomplish anything on the Internet they'd want to. Ubiquitous encryption has been aided by better coding, but the most significant boost has come from having an abundance of computing resources, to the point where the overhead of encryption simply is irrelevant to the vast majority of users vs the benefits to security. An abundance of (symmetrical) bandwidth could enable a similar leap forward in anonymity online. It's another reason why we should really be pushing hard for major last mile information infrastructure improvements, and it's so unfortunate that the USA in particular has grossly underinvested and allowed companies to set the agenda there (unlike with electricity, phones and roads, which received major national pushes to the ultimate benefit of the whole country).


> One of the hungrier applications for example is streaming video, but once someone is stably hitting ~50-100 Mbps they're already at what a full quality Blu-ray would offer, even without H.265, and with H.265 even 4K is going to look pretty great.

When more bandwidth gets deployed someone will roll out more bandwidth-consuming video.

near and mid term: 4k, 3D, 10bit, 4:4:4, 60fps, lossless sound

long term: 120fps, 8k, light field 3D


And that's not opinion: that's a fact of life in tech that repeats endlessly. Induced demand, Jevons paradox, Parkinson's law... the principle shows up endlessly.

Now, what effect it would have on a 1Gbit anonymity network is anyone's guess. All the streaming and web apps on my network don't really impact its normal performance because they're much slower than it. So, this concern might not affect what the other commenter proposes in practice.


More raw bandwidth will certainly help such applications. Yet, the latency is more important. Remember that sites are using CDNs because even a few seconds of delay causes much of the modern Internet to just leave the site. Voice, video, stock trading, chat, online gaming... all latency sensitive.

Solving the latency problem without hurting security could be one phrasing of my original comment. Until it's solved, all the bandwidth in the world isn't going to make the anonymity schemes competitive. It will help A LOT to speed up tools such as Tor. But, it won't be competition for non-anonymous stuff until it's within their performance range.

Note: More symmetrical, fiber-to-the-home projects will certainly help. Projects like below will help us get there.

http://motherboard.vice.com/read/this-rural-community-is-bui...



