1995-01-08 - Re: Latency Costs of Anonymity

Header Data

From: Wei Dai <weidai@eskimo.com>
To: Hal <hfinney@shell.portal.com>
Message Hash: 61606e1bd957e4476da219fa61206be0cefa526213d7f6981a3a6215e767598c
Message ID: <Pine.SUN.3.91.950107164103.8939E-100000@eskimo.com>
Reply To: <199501072300.PAA25794@jobe.shell.portal.com>
UTC Datetime: 1995-01-08 01:08:42 UTC
Raw Date: Sat, 7 Jan 95 17:08:42 PST

Raw message

From: Wei Dai <weidai@eskimo.com>
Date: Sat, 7 Jan 95 17:08:42 PST
To: Hal <hfinney@shell.portal.com>
Subject: Re: Latency Costs of Anonymity
In-Reply-To: <199501072300.PAA25794@jobe.shell.portal.com>
Message-ID: <Pine.SUN.3.91.950107164103.8939E-100000@eskimo.com>
MIME-Version: 1.0
Content-Type: text/plain


On Sat, 7 Jan 1995, Hal wrote:

> This technology does sound like mixing could work pretty well to provide
> anonymity.  There is some price in bandwidth and latency but ATM is so
> fast that probably several steps of chaining and mixing would be
> possible.  Naturally such mixes would have to be hardware based due to the
> rapid speeds of the packets.  So this would be kind of a "souped up"
> version of our current email remailer network, with vastly greater
> bandwidths and switching speeds.

The problem here is that you'll have to do a RSA operation on EACH 
packet.  Pretty hard on the CPU...

> I think it may be more useful rather than speaking of "true" anonymity
> to think of factor-of-N anonymity.  This reflects the bandwidth costs.  I
> would guess that, if you have a packet-based video converencing system,
> that today you could probably get factor-of-2 anonymity with custom
> hardware, and perhaps even more than that.

I'm not exactly sure what you mean by "factor-of-N".  I only used "true" 
to distiguish it from "trivial" anonymity (such as using a pay phone).  
Of course, anonymity, like security, can only be relative.

> One other point I would make, based on Wei's original post, is that no
> doubt anonymity does exact some costs.  However this does not mean that
> it is uncompetitive.  It also may have, in some circumstances,
> advantages.  People may be more frank and critical when they are shielded
> by anonymity.  I've read articles about companies which introduce
> electornic "suggestion boxes" where people can post anonymously, and
> upper management is often shocked at the results.  It is too early to
> judge how much of a net benefit or harm anonymity will be in general.
> 
> Furthermore, it is likely that the net advantage will differ depending on
> the business or organization.  At one extreme, a group working with
> illegal or restricted technology would probably benefit more from
> anonymity.  I think it was Keith Henson who posted a story here a couple
> of years ago that he was working on, involving some kind of underground
> protest group which organized itself using crypto anonymity.  So it is
> really not a question of whether anonymity is good or bad, but rather
> whether its costs outweigh its advantages in a particular situation.

This is all very true.  I guess I'm just lamenting the loss of my ealier,
more naive dream that one day everyone will be anonymous (read
pseudonymous), and that physical and digital identities will be totally
seperate. 

Wei Dai
Who should really start signing his posts but left his key in another 
computer.







Thread