https://www.esat.kuleuven.be/cosic/publications/article-3637.pdf

tl;dr

@Youngjoon Lee

This paper argues that APV (Adversaries with Partial Visibility) should be considered as the default threat model rather than GPA. This introduces a traffic analysis framework to evaluate anonymity of the mixnet under different APV. But, it’s not intuitive how we can adopt this work to our project yet, because I need more clear explanation how APV expands their inferences from their observation (that they have visibility) to the hidden space (that they don’t have visibility on).

One lesson is that it’s realistic and meaningful to focus on APV to evaluate the anonymity of our mixnet. Though this paper provides mathematical analysis, we may be able to simulate APV in practical.

Introduction

The Global Passive Adversary (GPA) has been used as a threat model in most of mixnet researches and simulations so far. But, the GPA is unrealistic (P. Syverson Why I’m Not an Entropist ) since in practice even very powerful adversaries may have blind spots in their network coverage. Considering such an unnecessarily strong adversary may hinder exploring the development of mixnet designs that can scale better and provide adequate and meaningful privacy in the real world. The measure of an adversary’s ability to succeed must include the resources it will take them to learn enough information to link relations.

The research provides the following contributions:

A matrix-based mixnet model that is able to capture different mixnet configuration such as different topologies and mixing strategies.
A model for an Adversary with Partial Visibility ($APV$) that can be captured by the matrix-based mixnet model. This model can be used in conjunction with Bayesian inference techniques to perform traffic analysis attacks.
- This is the first time such an adversary is explicitly defined and studied.
A traffic analysis framework that uses the Metropolis-Hastings algorithm to evaluate anonymity under different $APV$.

Adversary Model

In a nutshell, the problem is presented as follows:

The adversary $APV$ has a prior knowledge about the mixnet-based system.
$APV$ observes the network over some time interval $t$ and produces an observation $O$.
Given the prior knowledge as well as the observation $O$, the adversary tries to infer the probability of certain events that happened either partially or entirely outside of her visibility during the time $t$.
- We call the parts of the network trace that the adversary doesn’t have visibility over a Hidden State $HS$.

Major Aspects of Adversaries

Goal

e.g.