[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
[freehaven-cvs] more cites, more general cleanup.
Update of /home/freehaven/cvsroot/doc/wupss04
In directory moria:/home/arma/work/freehaven/doc/wupss04
Modified Files:
usability.bib usability.pdf usability.tex
Log Message:
more cites, more general cleanup.
Index: usability.bib
===================================================================
RCS file: /home/freehaven/cvsroot/doc/wupss04/usability.bib,v
retrieving revision 1.7
retrieving revision 1.8
diff -u -d -r1.7 -r1.8
--- usability.bib 21 Mar 2006 03:37:25 -0000 1.7
+++ usability.bib 21 Mar 2006 04:28:20 -0000 1.8
@@ -1,6 +1,36 @@
+@InProceedings{danezis-pet2004,
+ author = "George Danezis",
+ title = "The Traffic Analysis of Continuous-Time Mixes",
+ booktitle= {Privacy Enhancing Technologies (PET 2004)},
+ editor = {David Martin and Andrei Serjantov},
+ month = {May},
+ year = {2004},
+ series = {LNCS},
+ note = {\url{http://www.cl.cam.ac.uk/users/gd216/cmm2.pdf}},
+}
+
+@inproceedings{timing-fc2004,
+ title = {Timing Attacks in Low-Latency Mix-Based Systems},
+ author = {Brian N. Levine and Michael K. Reiter and Chenxi Wang and Matthew K. Wright},
+ booktitle = {Proceedings of Financial Cryptography (FC '04)},
+ year = {2004},
+ month = {February},
+ editor = {Ari Juels},
+ publisher = {Springer-Verlag, LNCS 3110},
+}
+
+@Misc{mixmaster-spec,
+ author = {Ulf M{\"o}ller and Lance Cottrell and Peter
+ Palfrader and Len Sassaman},
+ title = {Mixmaster {P}rotocol --- {V}ersion 2},
+ year = {2003},
+ month = {July},
+ howpublished = {Draft},
+ note = {\url{http://www.abditum.com/mixmaster-spec.txt}},
+}
+
@inproceedings{e2e-traffic,
- title = {Practical Traffic Analysis: Extending and Resisting Statistical Discl
-osure},
+ title = {{Practical Traffic Analysis: Extending and Resisting Statistical Disclosure}},
author = {Nick Mathewson and Roger Dingledine},
booktitle = {Proceedings of Privacy Enhancing Technologies workshop (PET 2004)
},
@@ -42,7 +72,7 @@
@InProceedings{back01,
author = {Adam Back and Ulf M\"oller and Anton Stiglic},
- title = {Traffic Analysis Attacks and Trade-Offs in Anonymity Providing Systems},
+ title = {{Traffic Analysis Attacks and Trade-Offs in Anonymity Providing Systems}},
booktitle = {Information Hiding (IH 2001)},
pages = {245--257},
year = 2001,
@@ -54,16 +84,16 @@
author = "John Douceur",
title = {{The Sybil Attack}},
booktitle = "Proceedings of the 1st International Peer To Peer Systems Workshop (IPTPS)",
- month = {Mar},
+ month = {March},
year = 2002,
}
@inproceedings{econymics,
- title = {On the Economics of Anonymity},
+ title = {{On the Economics of Anonymity}},
author = {Alessandro Acquisti and Roger Dingledine and Paul Syverson},
booktitle = {Financial Cryptography},
year = {2003},
- month = {Jan},
+ month = {January},
editor = {Rebecca N. Wright},
publisher = {Springer-Verlag, LNCS 2742},
}
@@ -85,7 +115,7 @@
booktitle = {Designing Privacy Enhancing Technologies: Workshop
on Design Issue in Anonymity and Unobservability},
editor = {H. Federrath},
- month = {Jul},
+ month = {July},
publisher = {Springer-Verlag, LNCS 2009},
year = {2000},
}
@@ -95,16 +125,7 @@
title = {{Tor: The Second-Generation Onion Router}},
booktitle = {Proceedings of the 13th USENIX Security Symposium},
year = {2004},
- month = {Aug},
-}
-
-@InProceedings{danezis-pet2004,
- author = "George Danezis",
- title = "The Traffic Analysis of Continuous-Time Mixes",
- booktitle= {Privacy Enhancing Technologies (PET 2004)},
- editor = {David Martin and Andrei Serjantov},
- month = {May},
- year = {2004},
+ month = {August},
}
@Article{crowds:tissec,
Index: usability.pdf
===================================================================
RCS file: /home/freehaven/cvsroot/doc/wupss04/usability.pdf,v
retrieving revision 1.7
retrieving revision 1.8
diff -u -d -r1.7 -r1.8
Binary files /tmp/cvsYjJiER and /tmp/cvsQmzcHs differ
Index: usability.tex
===================================================================
RCS file: /home/freehaven/cvsroot/doc/wupss04/usability.tex,v
retrieving revision 1.28
retrieving revision 1.29
diff -u -d -r1.28 -r1.29
--- usability.tex 21 Mar 2006 03:37:26 -0000 1.28
+++ usability.tex 21 Mar 2006 04:28:20 -0000 1.29
@@ -121,9 +121,10 @@
We described above that usability affects security in systems that aim
to protect data
confidentiality. But when the goal is {\it privacy}, it can become even
-more important. A large category of {\it anonymizing networks}, such as
-Tor, JAP, Mixminion, and Mixmaster, aim to hide not only what is being
-said, but also who is
+more important. Anonymizing networks such as
+Tor~\cite{tor-design}, JAP~\cite{web-mix},
+Mixminion~\cite{minion-design}, and Mixmaster~\cite{mixmaster-spec}
+aim to hide not only what is being said, but also who is
communicating with whom, which users are using which websites, and so on.
These systems have a broad range of users, including ordinary citizens
who want to avoid being profiled for targeted advertisements, corporations
@@ -230,7 +231,7 @@
fast enough for web browsing, secure shell, and other interactive
applications, but have a weaker threat model: an attacker who watches or
controls both ends of a communication can trivially correlate message timing
-and link the communicating parties.
+and link the communicating parties~\cite{danezis-pet2004,timing-fc2004}.
Clearly, users who need to resist strong attackers must choose
high-latency networks or nothing at all, and users who need to anonymize
@@ -420,8 +421,10 @@
fairly sophisticated privacy enthusiasts with experience running Unix
services, who wanted to experiment with the network (or so they say;
by design, we don't track our users). As the project gained more attention
-from venues including security conferences and articles on Slashdot.org and
-Wired News, we added more users with less technical expertise. These users
+from venues including security conferences, articles on Slashdot.org and
+Wired News, and more mainstream media like the New York Times, Forbes,
+and the Wall Street Journal, we added more users with less technical
+expertise. These users
can now provide a broader base of anonymity for high-needs users, but only
when they receive good support themselves.
@@ -489,7 +492,8 @@
bytes from one end of the cascade to the other, it falls prey to the
same end-to-end timing correlation attacks as we described above. That
is, an attacker who can watch both ends of the cascade won't actually
-be distracted by the other users \cite{danezis-pet2004}. The JAP
+be distracted by the other users \cite{danezis-pet2004,timing-fc2004}.
+The JAP
team has plans to implement full-scale padding from every user (sending
and receiving packets all the time even when they have nothing to send),
but---for usability reasons---they haven't gone forward with these plans.
@@ -498,7 +502,7 @@
As the system is now, anonymity sets don't provide a real measure of
security for JAP, since any attacker who can watch both ends of the
-cascade wins, and the number of users on the network is no obstacle
+cascade wins, and the number of users on the network is no real obstacle
to this attack. However, we think the anonym-o-meter is a great way to
present security information to the user, and we hope to see a variant
of it deployed one day for a high-latency system like Mixminion, where
***********************************************************************
To unsubscribe, send an e-mail to majordomo@xxxxxxxx with
unsubscribe freehaven-cvs in the body. http://freehaven.net/