Discussion:
[Twisted-Python] announcing: txmix, a twisted python mixnet library
David Stainton
2017-02-19 20:56:36 UTC
Permalink
Hi. I'd like to announce txmix, a library for writing mixnets in python.

https://github.com/applied-mixnetworks/txmix

txmix is GPL3 licensed and currently depends on:
sphinxmixcrypto, Twisted, txtorcon, attrs, eliot
and Tor Project's chutney (for integration tests).

txmix allows you to write mixnets with reduced code complexity and
transport agnosticism... however I've choosen to focus my development
efforts on the Tor onion transport for several reasons, the onion
transport has some properties which the UDP transport does not:

- reliability
- forward secrecy
- NAT penetration

Additionally the Tor anonymity properties are a welcome bonus since
they aren't really overlapping with those of the mixnet, they are
vulnerable to different types of attacks and accomodate for totally
different threat models.

Currently txmix has some integration tests that use chutney to spin up
a local 25 relay tor network; builds a mixnet using onion services
as the transport and then tests functionality by sending and receiving
messages on the mixnet.


future development
------------------

- txmix could certainly be used to write various kinds of mixnets,
however, we are missing a PKI. Without some kind of public key
infrastructure how will mix clients learn about mix public keys?

- sphixmixcrypto library needs improvements that would allow us
to specify more message types such as dummy/cover traffic message
and heartbeat messages. These of course are essential for the defense
against certain known active attacks against some mix types.


questions, code review and pull requests welcome.


David Stainton
Glyph Lefkowitz
2017-02-20 02:03:36 UTC
Permalink
Post by David Stainton
Hi. I'd like to announce txmix, a library for writing mixnets in python.
https://github.com/applied-mixnetworks/txmix
sphinxmixcrypto, Twisted, txtorcon, attrs, eliot
and Tor Project's chutney (for integration tests).
txmix allows you to write mixnets with reduced code complexity and
transport agnosticism... however I've choosen to focus my development
efforts on the Tor onion transport for several reasons, the onion
- reliability
- forward secrecy
- NAT penetration
Additionally the Tor anonymity properties are a welcome bonus since
they aren't really overlapping with those of the mixnet, they are
vulnerable to different types of attacks and accomodate for totally
different threat models.
Currently txmix has some integration tests that use chutney to spin up
a local 25 relay tor network; builds a mixnet using onion services
as the transport and then tests functionality by sending and receiving
messages on the mixnet.
future development
------------------
- txmix could certainly be used to write various kinds of mixnets,
however, we are missing a PKI. Without some kind of public key
infrastructure how will mix clients learn about mix public keys?
- sphixmixcrypto library needs improvements that would allow us
to specify more message types such as dummy/cover traffic message
and heartbeat messages. These of course are essential for the defense
against certain known active attacks against some mix types.
questions, code review and pull requests welcome.
David Stainton
Very cool. To be perfectly honest I don't understand most of this in a lot of detail (starting with what a "mixnet" is), but thanks for using Twisted to do it :).

-glyph
David Stainton
2017-02-20 05:15:41 UTC
Permalink
Hi Glyph,

Yeah hopefully I'll be using Automat soon as well :-)

A mixnet is an anonymity network which means it provides sender and
receiver anonymity (location hiding).
Mixnets have some very interesting properties such as:
- message oriented
- high latency
- not vulnerable to global passive adversary

Unlike tor which is stream oriented, low latency and most definitely
vulnerable to global passive adversaries.
(Mixnets were invented in 1981 by David Chaum, there's a lot of
research papers but not a lot of examples we can use.)

It's funny that anonymity properties make writing txmix easier because
there is no addressing information for received mixnet messages ;-p
whereas core twisted is built very carefully to preserve the address
of received connections and datagrams.

My favorite mixnet introductions include:
- https://crypto.is/blog/mix_and_onion_networks
- "Why I'm not an Entropist"
https://www.freehaven.net/anonbib/cache/entropist.pdf
- "Sleeping dogs lie on a bed of onions but wake when mixed"
https://petsymposium.org/2011/papers/hotpets11-final10Syverson.pdf


Cheers,

David


On Mon, Feb 20, 2017 at 2:03 AM, Glyph Lefkowitz
Post by Glyph Lefkowitz
Post by David Stainton
Hi. I'd like to announce txmix, a library for writing mixnets in python.
https://github.com/applied-mixnetworks/txmix
sphinxmixcrypto, Twisted, txtorcon, attrs, eliot
and Tor Project's chutney (for integration tests).
txmix allows you to write mixnets with reduced code complexity and
transport agnosticism... however I've choosen to focus my development
efforts on the Tor onion transport for several reasons, the onion
- reliability
- forward secrecy
- NAT penetration
Additionally the Tor anonymity properties are a welcome bonus since
they aren't really overlapping with those of the mixnet, they are
vulnerable to different types of attacks and accomodate for totally
different threat models.
Currently txmix has some integration tests that use chutney to spin up
a local 25 relay tor network; builds a mixnet using onion services
as the transport and then tests functionality by sending and receiving
messages on the mixnet.
future development
------------------
- txmix could certainly be used to write various kinds of mixnets,
however, we are missing a PKI. Without some kind of public key
infrastructure how will mix clients learn about mix public keys?
- sphixmixcrypto library needs improvements that would allow us
to specify more message types such as dummy/cover traffic message
and heartbeat messages. These of course are essential for the defense
against certain known active attacks against some mix types.
questions, code review and pull requests welcome.
David Stainton
Very cool. To be perfectly honest I don't understand most of this in a lot of detail (starting with what a "mixnet" is), but thanks for using Twisted to do it :).
-glyph
_______________________________________________
Twisted-Python mailing list
http://twistedmatrix.com/cgi-bin/mailman/listinfo/twisted-python
Loading...