Learn, hack!

URL

http://events.ccc.de/congress/2004/fahrplan/files/355-anonymous-communication-slides.pdf

File name

355-anonymous-communication-slides.pdf

File size

83.5 KB

MD5

4a074a74c6226811ddce327fd97e0ed4

SHA1

9a1ec53b27dc8999fe48938479e5a8f9dd7acd02

We will present the state of the art in deployed anonymous communication systems, and in particular Mixminion, for anonymous email, and Tor, for anonymous web browsing. We will focus on the concrete future challenges to deploy and strengthen theses systems. In the last few years there has been a renewed interest in anonymous communications, both in terms of accademic work but most importantly in terms of implemented and deployed systems. This talk will be geared towards those at the cross section of practice and reaserch that are interested in developing or strengthening applications that provide some anonymity protection. We will describe two systems that are based on solid theoretical work, and should provide a high degree of security: Mixminion, is a high latency remailer, that can be used to anonymise email, while Tor is a low latency Onion Router, supporting the transport of any TCP stream. The two architectures are complementary, and provide very different security properties. While deployed, for testing, they Mixminion and Tor are both works in progress, and many practical as well as research challenges need to be resolved before they become widely used. The talk will first give an overview of Mixminion and Tor, highlight their architectural similarities and differences. Some attention will be paid to the threat models that they try to protect against and the features that they provide. The key attack techniques will be presented, but without going into the mathematical details. Pointers for further reading will be provided for those who are keen. Then we shall focus on the issues that remain to be resolved to widely deploy these systems, and further strengthen them. These issues are both research questions or concern the practical implemetation of anonymous infrastructure and services. On the one hand there is a need to build more services merely to support anonymous communications: from the implementation of pseudonym servers, directory services, or integration into client applications to research on DoS prevention and flooding. On the other hand the communication infrastructure is only there to be used by higher level applications. Therefore there is a need to understand which applications can be used without modifications over anonymous communications, and which will require to be modified not to compromise identity information. As a result of this talk participants should feel confortable with the basic design of anonymity systems, and know where to find additional information to use or build on these systems. If they choose to further look into the subject they will know what the main issues are where more work is required, and know the venues where this work can be presented, used, and appreciated.