Professional Documents
Culture Documents
Usenixsecurity17 Slides Piotrowska
Usenixsecurity17 Slides Piotrowska
1 2
University College London, UK KU Leuven
1 / 19
Mixnets Background
A set of cryptographic relays hiding input and output correspondence, by using
layered encryption and secret permutation.
Bob
Other users
2 / 19
Motivation
3 / 19
Loopix Overview
Mixnet
4 / 19
Loopix Overview
Mixnet
5 / 19
End-to-end messages
6 / 19
Drop cover traffic
7 / 19
Client’s loop cover traffic
8 / 19
Mix’s loop cover traffic
9 / 19
Client - Provider Link
Sending - each stream of traffic follows a Poisson process
ΛP
Λ P + ΛD + Λ L
ΛL
ΛD
10 / 19
Mixing strategy - Poisson mix
Properties:
Poisson mix can be modeled as a pool mix.
Event i − 1 Event i + 1
Event i Event i + 2
11 / 19
Security Properties - Summary
Corrupt Corrupt
GPA
mixes provider
Sender-Recipient Third-Party Unobservability X X X
Sender online unobservability X X X
Sender anonymity X X X
Receiver unobservability X X
Receiver anonymity X X
12 / 19
Anonymity vs Latency vs Rate of traffic
Figure: Entropy versus the changing rate of the incoming traffic for different delays
(seconds). Lower µ is a higher delay.
13 / 19
Performance - Throughput
300
All traffic Starting conditions:
Messages processed per sec
14 / 19
Performance - Latency Overhead
4.0
3.5 Λ = 30 msg/min
Latency Overhead (ms)
3.0
2.5 ΛM = 10 loops/min
2.0
1.5
1.0
0.5
0.0
0 50 100 150 200 250 300 350 400 450 500
Number of clients
15 / 19
Performance - End-to-end Message Latency
16 / 19
Loopix Key takeaways
Unlinkability of senders and recipients
Detection of active attacks
Unobservability of clients actions
Balanced trade-off between latency and cover traffic
Supporting off-line storage
17 / 19
Loopix Key takeaways
Unlinkability of senders and recipients
Detection of active attacks
Unobservability of clients actions
Balanced trade-off between latency and cover traffic
Supporting off-line storage
Thank you!
18 / 19
Low Low Communication Scalable Asynchronous Active Offline Resistance
Latency Overhead Deployment Messaging† Attack Resistant Storage* to GPA
Loopix X X X X X X X
Dissent X X
Vuvuzela X X X
Stadium X X X X
Riposte X X X
Atom X X X X
Riffle X X X X
AnonPoP X X X X
Tor X X X X
Table: Comparison of popular anonymous communication systems. By *, we mean if the design intentionally
incorporates provisions for delivery of messages when a user is offline, perhaps for a long period of time. By †, we
mean that the system operates continuously and does not depend on synchronized rounds for its security
properties and users do not need to coordinate to communicate together.
19 / 19