Martin Pool's blog

Cebolla

Zach Brown and Adam Back did something pretty cool called Cebolla: a pragmatic IP anonymity system. When I spoke to Zer0Knowledge a couple of years ago it seemed like their system was far more complex than was really necessary: what should have been a few thousand lines (for a first version) involved kernel modules and who knows what else. This is much more like it: not solving every conceivable attack, but "pretty good anonymity".

Cebolla's threat model is pragmatic: it does not attempt to be secure against an all-powerful passive attacker -- if the attacker is able to observe both the entry and exit points of traffic entering the network the game is over. However the entry node alone should not be able to determine the exit node; similarly the exit node should not be able to determine the entry node (or the user of the entry node). This model means link padding is not used.[....]

The nested tunnel scheme described above allows Cebolla to provide end-to-end forward-anonymity. This means no single node can compromise forward-anonymity -- to compromise forward-anonymity, all nodes in the tunnel have to collude.
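The property the quoted passage relies on is that each layer of the nested tunnel reveals only the next hop, so the entry node sees the client and the middle node, the exit node sees the middle node and the destination, and only a party holding every node's key can link client to destination. The toy below is an added illustration of that nesting, not Cebolla's actual wire format or cipher: per-hop keys, node names, the fixed-width hop-id field and the SHAKE256-derived keystream are all assumptions made for the example, and it does not model the ephemeral keying that forward-anonymity additionally requires.

```python
import hashlib
import secrets

HOP_ID_LEN = 8   # assumed fixed-width "next hop" field inside each layer
NONCE_LEN = 16


def keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    # Stand-in stream cipher for the example: a SHAKE256 keystream XORed
    # over the plaintext. Cebolla's real cipher choice is not reproduced here.
    return hashlib.shake_256(key + nonce).digest(length)


def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def pad_id(name: str) -> bytes:
    return name.encode().ljust(HOP_ID_LEN, b"_")[:HOP_ID_LEN]


def wrap_layer(key: bytes, next_hop: str, inner: bytes) -> bytes:
    """Encrypt (next_hop || inner) under one node's key; output is nonce || ciphertext."""
    nonce = secrets.token_bytes(NONCE_LEN)
    plaintext = pad_id(next_hop) + inner
    return nonce + xor(plaintext, keystream(key, nonce, len(plaintext)))


def unwrap_layer(key: bytes, blob: bytes):
    """Peel one layer: returns (next_hop, inner). A wrong key yields garbage, not an error."""
    nonce, ct = blob[:NONCE_LEN], blob[NONCE_LEN:]
    pt = xor(ct, keystream(key, nonce, len(ct)))
    return pt[:HOP_ID_LEN].decode("latin-1").rstrip("_"), pt[HOP_ID_LEN:]


def build_onion(route, keys, payload: bytes) -> bytes:
    """Client side: wrap the payload once per node, innermost layer for the exit node."""
    blob = payload
    next_hop = "DEST"            # what the exit node is told to forward to
    for node in reversed(route):
        blob = wrap_layer(keys[node], next_hop, blob)
        next_hop = node
    return blob


def relay(route, keys, onion: bytes):
    """Forward the onion hop by hop, recording what each node can see on its own."""
    observations = {}
    blob = onion
    prev = "CLIENT"
    for node in route:
        next_hop, blob = unwrap_layer(keys[node], blob)
        observations[node] = {"prev": prev, "next": next_hop}
        prev = node
    return observations, blob


def trace(route, keys, onion: bytes):
    """Attacker side: recover the full path. Needs every node's key; returns None otherwise."""
    path = ["CLIENT"]
    blob = onion
    next_hop = None
    for node in route:
        if node not in keys:
            return None
        next_hop, blob = unwrap_layer(keys[node], blob)
        path.append(node)
    path.append(next_hop)
    return path


def demo():
    route = ["entry", "middle", "exit"]                   # constructed three-hop tunnel
    keys = {n: secrets.token_bytes(32) for n in route}    # assumed per-hop symmetric keys
    onion = build_onion(route, keys, b"constructed payload")
    observations, payload = relay(route, keys, onion)
    full_path = trace(route, keys, onion)
    entry_only = trace(route, {"entry": keys["entry"]}, onion)
    return observations, payload, full_path, entry_only


if __name__ == "__main__":
    obs, payload, full_path, entry_only = demo()
    for node, view in obs.items():
        print(f"{node:>6} sees prev={view['prev']} next={view['next']}")
    print("exit delivers:", payload)
    print("all keys colluding:", full_path)
    print("entry key alone:", entry_only)
```

Running the demo shows the entry node observing only `CLIENT -> middle`, the exit node only `middle -> DEST`, and `trace` succeeding only when every node's key is supplied, which is the collusion condition the passage describes.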
