Each of these systems offers a great deal of anonymity against many attackers. The packets from all of the users form a cloud that effectively obscures the beginning and the end of each path. None of the solutions, however, is perfect against an omniscient and omnipotent attacker who can monitor all of the nodes in the network while probing it with packets of its own. Each of the systems has some definite strengths but also a few weaknesses that may be exploited in extreme cases.
10.4.1 Freedom Network
Zero Knowledge Systems designed and built the Freedom Network, a collection of servers joined by a sophisticated protocol for encrypting packets. The network lasted until 2001, when the company shut it down for financial reasons. It remains one of the most ambitious tools for providing privacy on the Internet.
The Freedom Network drew heavily on the inspiration of the Onion Routing Network developed at the Naval Research Labs by Paul Syverson, Michael Reed and David Goldschlag [SRG00, STRL00, SGR97, RSG98]. See Section 10.7.
The network consisted of a collection of Anonymous Internet Proxies (AIPs) that would decrypt and encrypt messages while forwarding the data on to other proxies. When a computer wants to establish a path to the Internet, it takes these steps:
1. At the center of the network is the NISS, or Network Information Status Server, a central computer that maintains a list of operating AIPs and their public keys. The computer begins by fetching this list.
2. The computer takes the list of these machines and chooses a random path through a collection of them. This may use information about distance and load to optimize the process. Shorter chains offer better service, while longer chains offer more resistance to detection. Chains running through different countries may offer some extra legal protection.
3. The computer uses Diffie-Hellman key exchange to negotiate a key with each AIP in the chain.
4. The data going out the chain is encrypted with each key in turn. If $f_k$ is the encryption function using key $k$, then $f_{k_1}(f_{k_2}(\ldots f_{k_n}(\text{data})))$ is sent down the chain, where $k_i$ is the key negotiated with the $i$-th AIP in the chain.
5. Each AIP receives its packet of data and uses the negotiated session key $k_i$ to strip away the outermost layer before passing the result on to the next AIP.
6. The last AIP in the chain sends the packet off to the right destination.
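The six-step path setup above, as an added example that is not the Freedom Network's own code: a Python simulation in which a client negotiates a Diffie-Hellman key with each AIP, wraps a packet as $f_{k_1}(f_{k_2}(\ldots f_{k_n}(\text{data})))$ with each layer carrying only the name of the next hop, and each AIP peels one layer. The AIP names, the dictionary standing in for the NISS, the HMAC-SHA256 stream cipher with an encrypt-then-MAC tag, the toy DH modulus and the direct (untunneled) key exchange with later hops are all assumptions of this example, not details of the Freedom protocol.

```python
"""Toy simulation of Freedom-style layered encryption over a chain of AIPs.

Added example, not Zero-Knowledge Systems' code.  The AIP names, the dict
standing in for the NISS, the HMAC-SHA256 stream cipher with an
encrypt-then-MAC tag, and the DH modulus are all illustrative assumptions.
"""
import hashlib
import hmac
import os
import secrets

# Toy DH parameters: 2**255 - 19 is prime, but this is NOT a vetted DH group;
# a real deployment would use a standardized MODP group (assumption).
P = 2**255 - 19
G = 2

def dh_keypair():
    priv = secrets.randbelow(P - 2) + 1
    return priv, pow(G, priv, P)

def derive_keys(priv, peer_pub):
    """Shared DH secret -> (encryption key, MAC key) via HMAC-SHA256."""
    shared = pow(peer_pub, priv, P).to_bytes(32, "big")
    return (hmac.new(shared, b"enc", hashlib.sha256).digest(),
            hmac.new(shared, b"mac", hashlib.sha256).digest())

def _keystream(key, nonce, length):
    blocks = (hmac.new(key, nonce + i.to_bytes(4, "big"), hashlib.sha256).digest()
              for i in range((length + 31) // 32))
    return b"".join(blocks)[:length]

def f(keys, data):
    """f_k from the text: one encryption layer, output nonce || ct || tag."""
    enc_key, mac_key = keys
    nonce = os.urandom(16)
    ct = bytes(a ^ b for a, b in zip(data, _keystream(enc_key, nonce, len(data))))
    tag = hmac.new(mac_key, nonce + ct, hashlib.sha256).digest()
    return nonce + ct + tag

def f_inv(keys, blob):
    """Strip one layer, rejecting a tampered packet before decrypting it."""
    enc_key, mac_key = keys
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    expect = hmac.new(mac_key, nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expect):
        raise ValueError("layer failed integrity check")
    return bytes(a ^ b for a, b in zip(ct, _keystream(enc_key, nonce, len(ct))))

class AIP:
    """Anonymous Internet Proxy: holds one negotiated session key per circuit."""
    def __init__(self, name):
        self.name = name
        self.priv, self.pub = dh_keypair()   # self.pub is what the NISS publishes
        self.sessions = {}

    def negotiate(self, circuit_id, client_pub):
        self.sessions[circuit_id] = derive_keys(self.priv, client_pub)

    def process(self, circuit_id, blob):
        """Peel the outermost layer; returns (next hop, remaining onion)."""
        inner = f_inv(self.sessions[circuit_id], blob)
        n = inner[0]                          # 1-byte length prefix on the hop name
        return inner[1:1 + n].decode(), inner[1 + n:]

def build_onion(session_keys, chain, destination, data):
    """f_k1(f_k2(...f_kn(data))): wrap innermost (last AIP) first.  Layer i
    carries only the name of hop i+1; only the last layer names the destination."""
    next_hops = chain[1:] + [destination]
    onion = data
    for keys, nxt in reversed(list(zip(session_keys, next_hops))):
        label = nxt.encode()
        onion = f(keys, bytes([len(label)]) + label + onion)
    return onion

def route(niss, circuit_id, first_hop, onion):
    """Forward hop by hop until the name found is not an AIP (the destination)."""
    hop, seen = first_hop, []
    while hop in niss:
        seen.append(hop)
        hop, onion = niss[hop].process(circuit_id, onion)
    return hop, onion, seen

def demo():
    niss = {n: AIP(n) for n in ("aip-ca", "aip-nl", "aip-jp")}   # constructed directory
    chain = ["aip-ca", "aip-nl", "aip-jp"]                        # step 2: chosen path
    circuit_id = 7
    session_keys = []
    for name in chain:                                            # step 3: DH per AIP
        priv, pub = dh_keypair()          # simplification: exchanged directly, not tunneled
        niss[name].negotiate(circuit_id, pub)
        session_keys.append(derive_keys(priv, niss[name].pub))
    payload = b"GET / HTTP/1.0\r\n\r\n"                             # constructed request
    onion = build_onion(session_keys, chain, "www.example.com:80", payload)   # step 4
    first_hop_view = niss["aip-ca"].process(circuit_id, onion)[0]  # all hop 1 can learn
    dest, data, seen = route(niss, circuit_id, chain[0], onion)    # steps 5-6
    return dest, data, seen, first_hop_view

if __name__ == "__main__":
    print(demo())
```

Running demo() shows the property the text relies on: the first AIP can decrypt its own layer but learns only the name of the second AIP, and the destination appears only after the last layer is removed. The MAC check in f_inv is this example's choice, not something the page attributes to Freedom: a bare stream cipher would let anyone on the path flip bits inside a layer without the next AIP noticing.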