[infowar.de] Pentagon patents anonymization technology
... and the geeks at the Usenix Security conference, where the technique
was presented, don't find that nice at all - after all, this kind of thing
has been developed by others for years.
Pentagon Hides Behind Onion Wraps
By Declan McCullagh
2:00 a.m. Aug. 17, 2001 PDT
Onions may be the secret ingredient in protecting the Pentagon's
During an afternoon presentation at the Usenix Security conference on
Thursday, a researcher at the U.S. Naval Research Laboratory described a
technology known as "Onion Routing," which preserves anonymity by
wrapping the identity of users in onion-like layers.
"Public networks are vulnerable to traffic analysis. Packet headers
identify recipients, and packet routes can be tracked," said Paul
Syverson, who works at the NRL's Center for High Assurance Computer
Systems. "Even encrypted data exposes the identity of the communicating
Even if you bother to scramble the contents of your message, someone
snooping your e-mail or Web-browsing habits can still see your Internet
address and the address of the person or website with whom you're
communicating. In other words, if you're a CIA or military intelligence
agent, you don't want to visit the website of an underground group and
risk revealing you're coming from a dot-mil network.
The Onion Routing solution, which follows much the same recipe as Zero
Knowledge's Freedom software and cypherpunk-developed mixmaster
remailers, is to forward communications through a complicated network
that bounces Internet packets around like pinballs and hides the origin
and destination from all but the most determined eavesdroppers.
Syverson said that the U.S. government was awarded patent number
6,266,704 for Onion Routing on July 24.
That announcement prompted an angry reaction from Usenix attendees,
many of whom are programmers, security consultants and system
administrators, who aren't big fans of software patents -- especially in
the area of anonymous communications, where there's been so much prior
work before the Navy ever got involved.
Mathematician David Chaum, for instance, wrote an article titled
"Untraceable Electronic Mail, Return Addresses and Digital Pseudonyms"
for Communications of the ACM as far back as 1981. Lance Cottrell, who
now runs anonymizer.com, wrote part of the mixmaster system in the early
1990s, and similar techniques were discussed on the cypherpunks mailing
list even earlier.
Syverson, who is listed on the patent with co-inventors Michael Reed
and David Goldschlag, defended the government's move. "It is a necessary
step for those of us working for the government to bring technology to
the public," Syverson said.
The patent describes Onion Routing, which has been the subject of
analysis at previous security conferences, as providing "an electronic
communication path between an initiator and a responder on a
packet-switching network comprising an onion routing network that
safeguards against traffic analysis and eavesdropping by other users of
the packet switching network" such as the Internet.
Onion Routing works through a complex system of several routers that
wrap data in successive layers of public key encryption to prevent
anyone from identifying what is in the packet. The trick is that the
original sender of the packet and the packet's destination are wrapped
up within these layers of code.
"The originating proxy server knows the routing topography and picks
the route the packet will take at random," Syverson said.
This year's Usenix Security confab -- the next one is in San Francisco
-- was most notable for a packed presentation Wednesday, where Princeton
University professor Ed Felten and his co-authors presented a paper
describing how they broke a digital watermarking scheme.
Music industry groups, including the Recording Industry Association of
America, had warned at one point of a possible lawsuit under the Digital
Millennium Copyright Act if Felten described the paper at a previous
conference in April. They now say that they never threatened the
Another paper presented was titled "Inferring Internet
Denial-of-Service Activity," which describes a novel technique to learn
the frequency of denial-of-service attacks.
Typically denial-of-service attacks work with an attacking computer
forging a return Internet protocol (IP) address. By tracking how often
bounced messages return to a certain range of IP addresses during a
three-week test period, the researchers reported they were able to
observe over 12,000 attacks against more than 5,000 targets.
The technique, called "backscatter analysis," was developed by authors
David Moore, of the San Diego Supercomputer Center, and Geoffrey Voelker
and Stefan Savage at the University of California at San Diego.
Andrew Osterman contributed to this report
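
The backscatter technique described above, as an added example that is not part of the original article or the researchers' own code: replies sent by an attacked host to forged addresses are grouped by responder, split into separate attacks on idle gaps, and scaled up by the share of the address space being watched. The /8 monitored range, the 300-second gap, the uniform-spoofing assumption and all packets are constructed for illustration.

```python
import ipaddress
from collections import defaultdict

# Assumptions, not from the article: the monitored range is a /8, attackers forge
# source addresses uniformly at random, and 300 s of silence separates two attacks.
MONITORED = ipaddress.ip_network("10.0.0.0/8")   # placeholder range
GAP_SECONDS = 300
SCALE = 2 ** 32 / MONITORED.num_addresses        # the monitor sees 1/SCALE of all replies

# Constructed sample of unsolicited replies: (unix_time, responder_ip, destination_ip)
PACKETS = [
    (1000, "192.0.2.10", "10.1.2.3"), (1001, "192.0.2.10", "10.200.9.9"),
    (1002, "192.0.2.10", "10.77.0.1"), (1003, "192.0.2.10", "172.16.0.1"),
    (1004, "192.0.2.10", "10.3.3.3"),
    (1500, "198.51.100.7", "10.9.9.9"), (1510, "198.51.100.7", "10.8.8.8"),
    (1520, "198.51.100.7", "10.7.7.7"),
    (1700, "203.0.113.5", "10.5.5.5"),            # single stray reply
    (2000, "192.0.2.10", "10.4.4.4"), (2003, "192.0.2.10", "10.6.6.6"),
]

def summarise(victim, times):
    """Describe one attack and extrapolate the victim's total reply rate."""
    duration = max(times[-1] - times[0], 1)
    return {"victim": victim, "start": times[0], "seen": len(times),
            "est_pps": len(times) * SCALE / duration}

def find_attacks(packets, min_packets=2):
    """Group replies by responder (the victim) and split them on idle gaps."""
    by_victim = defaultdict(list)
    for ts, victim, dst in packets:
        if ipaddress.ip_address(dst) in MONITORED:   # keep only monitored destinations
            by_victim[victim].append(ts)
    attacks = []
    for victim, times in by_victim.items():
        times.sort()
        run = [times[0]]
        for ts in times[1:]:
            if ts - run[-1] > GAP_SECONDS:           # long silence: previous attack ended
                attacks.append(summarise(victim, run))
                run = []
            run.append(ts)
        attacks.append(summarise(victim, run))
    # A lone stray reply is not evidence of a flood; drop runs below the threshold.
    attacks = [a for a in attacks if a["seen"] >= min_packets]
    return sorted(attacks, key=lambda a: a["start"])

if __name__ == "__main__":
    for attack in find_attacks(PACKETS):
        print(attack)
```

With only a handful of observed replies per attack the extrapolated rate is noisy; the estimate tightens as the monitored range or the observation window grows.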