High latency anonymity network design highly censorship resistant

How would this work for a high latency anonymity network (designed for E-mails not surfing)

Ok there is a centralized server that distributes seed information. The central server gets the seed information from volunteers who set up mixes, the mix generates a seed that is used to plug a RNG and spit out a series of bits. The actual seed information can be matched up to users who publish their public keys on the central server, then the mix runners downloads the public key from the server and uses it to encrypt the seed then it tags it to the user and uploads it back to the server. If the adversary censors access to the server the client can find a seed from a friend or something or there can be big torrents full of seeds I guess. The mix also should encrypt a few websites that it will check (more on this later), plus the public key of an outproxy mix (also can be listed publicly and randomly pulled from the entry mix).

Anyways the client uses the seed to generate a long random name for a picture, video, song whatever. Then it takes the users message (and send to information) and encrypts it to the out proxy mixes public key. Then it hides the message in the named file and uploads it to a server like youtube, photobucket, really any server that allows uploading of user named content).

The entry mix periodically scans those websites for files of that name. When it finds them, it grabs them and holds them for a few hours mixing with other users messages. Then it sends them out to the exit mix. The exit mix decrypts the message and forwards it on to the receivers information (specified with in the encryption). The reply information should be included encrypted to the receiver to maintain anonymity.

So it would look sort of like this

Client ---> YouTube ----> Entry Mix -----> Photobucket -----> Exit mix ------> Receiver

the only way they could censor this is to ban access to ALL websites that allow for uploading of user named content. The entry mix never will know the clients IP and the client will never know the entry IP (they both know youtube IP though). Entry mix and Exit mix also don't know each others IP address (they just know to look at those websites for those named files thanks to the shared seed, and you can't really censor a file name like you can a IP address).

This is totally raw idea and not fortified but I think it is a good method for people who onl want to send anonymous messages to others, and live in very censored countries.

Thoughts?

 

selected papers in anonymity has all the info you seek: http://www.freehaven.net/anonbib/

in other words, like crypto, anonymity is hard. you're doing a lot of unnecessary work in the example above, and not solving some of the critical (and hard) problems you think. if you enjoy learning, that list will provide a lot of useful content. *grin*

best regards,

 

Thats a really thought out idea, i really like it. through i believe your system could be done using existing systems and technology. Makes it easier to impletement and by using existing technology we can improve these systems without making yet another anonymous network. A really simple solution would be to use the mixmaster network to send an stegno picture with a hidden message or encyrpted container for added security with your message, that way noone knows whom sent the message and those cute kitten pictures really don't draw much attention . Or upload the picture/mp3/flash file to youtube/flickr via TOR/I2P/JAP/phison and do the same thing.

 

Yes but the problem with those networks is they are easy to cut off access to as the entry nodes are publicly listed. Would be harder to cut off access to ALL servers you can upload user named content to.

I will check that link coderman, thanks!

 

One more thing I thought of for the Tor network is why do they need to encrypt the data three times? Wouldn't a design like this cut down on bandwidth requirements?

Clients have a public key and so do nodes. The client does a key exchange with the three nodes on the circuit it is using. The actual information is encrypted symmetrically one time using the key of the exit node (the keys could be randomly generated each circuit or something, exchanged with ECDH or something). Anyways the information is encrypted only to the exit node, then the IPs of the node sequence are encrypted three times (also symmetrically) in traditional onion layers. I think that would significantly reduce bandwidth and wouldn't necessarily reduce any anonymity, right? It is my understanding (quite possibly wrong) that right now the Tor network uses RSA keys to encrypt the data and path three times in layers and I see this as a wasteful design from a bandwidth perspective.

ok now reading those pdfs =).