Structural Analysis of Network Anonymity

Preface

The following material is part of a broader research project titled “Theory of Hidden Systems.” The full work is openly available and can be accessed here. Based on this theory, client-secure applications and anonymous networks are also being developed, which you can learn about here. This article does not include references; the full list can be found in the main work, as this article is only a component of the larger study.

Introduction

Anonymity is a complex term that encompasses many factors, each of which can influence the overall level of anonymity in different ways. As a result, anonymity can always be interpreted differently depending on the situation, and such interpretations can all be valid. The goal of this article is to deconstruct anonymity specifically in the context of network environments, as outside of this space, the term becomes even more abstract and general.

This article may be useful for developers designing anonymous networks, cryptographers working on cryptographic protocols, and anyone interested in the structure of anonymous networks.

Network anonymity is primarily realized in hidden (anonymous) networks. Today, there are many such networks, each with different characteristics, making it possible to compare and analyze their levels of anonymity based on their differences.

Any analysis can start either from the beginning (origins and primitives) or from the end (existing systems). Both approaches, if done correctly, will ultimately lead to the same conclusions. However, starting from the origins is more challenging without initial data, which can be obtained by deconstructing existing systems and using the resulting forms as a starting point for research.

Anonymous Networks

Hidden systems are a set of network technologies aimed at ensuring and maintaining an acceptable level of anonymity for end users (senders and receivers) along with the security of objects (information). Anonymity and security can be implemented to varying degrees, making this class of systems quite broad. Such systems include anonymous networks and client-secure applications. This article focuses on anonymous networks.

Anonymous (hidden) networks are those that combine routing (the distribution of information objects across the network) with encryption (the method of hiding information objects within the network). Routing provides anonymity for subjects, while encryption ensures confidentiality (primarily), integrity, and authentication for the object. Without routing, the sender/receiver can be easily identified; without encryption, the message content is easily revealed. Only the combination of these two properties makes a network truly hidden.

Based on speed and information propagation methods, anonymous networks are divided into two types: low-latency and high-latency networks. Low-latency systems prioritize speed and efficiency of information transfer between true subjects, but their level of anonymity is insufficient to withstand attacks from global external observers (strong anonymity factor). High-latency systems prioritize real anonymity, including protection against global observers, but their main drawback is slow data transfer. This leads to the classic problem in secure system design: the trade-off between performance and security. Examples of low-latency systems include Tor, I2P, and Tarzan; high-latency systems include Mixminion, Herbivore, and Dissent.

Routing in anonymous networks is not primitive and places the efficiency of object propagation as a secondary concern (even in low-latency systems, otherwise they would not be hidden networks). The main goal is to create an obfuscating algorithm (anonymizer) that makes it difficult to analyze the true path from sender to recipient. As a result, hidden networks are often slow and complex to use, which limits their practical, everyday application.

Threat models for such routing tasks consider the capabilities of attackers. The main antagonist is often the state, acting as an external, global observer capable of monitoring the spread of objects across the network. The routing algorithm must confuse external adversaries and prevent them from identifying patterns of sending, receiving, requests, and responses among network participants. Internal attackers are also a serious threat, as network participants themselves can undermine the system. External observers can analyze network traffic and block nodes, while internal observers can introduce cooperating nodes and perform additional actions like sending and receiving information. Observers without extra functions are called passive attackers; otherwise, they are active attackers. The routing algorithm must prevent any subject (sender, receiver, or intermediary) from fully analyzing the packets they handle.

Figure 1. External and internal observers (attackers) in the context of an obfuscating routing algorithm

In combination, external and internal attackers can carry out attacks that would be impossible individually. The main attack methods can be represented in a table (not included here). Active attacks are a superset of passive ones. External attacks can be divided into two subsets: those with and without a global observer.

Threat Models and Types of Anonymity

Anonymous networks can have different threat models depending on their use case and technical or budgetary constraints. Based on this, three types of anonymity are defined:

1. Link anonymity between sender and receiver. This is a weak threat model, as observers can record the fact that information was sent and received by true network subjects. Such systems have low overhead and can be widely implemented. Examples: Tor, I2P, Mixminion.
2. Sender or receiver anonymity. This is an intermediate threat model, hiding only the fact of sending or receiving information by one subject (either sender or receiver). These systems are suitable for specific use cases, such as when only one party needs protection. For example, a network where the sender broadcasts an encrypted message to all participants, but only the intended recipient can decrypt it. Another example is a network where all participants periodically send information to a server via unrelated routers, and the server publishes the information openly.
3. Sender and receiver anonymity. This is a strong threat model, hiding both the act of sending and receiving information. In systems where the recipient must reply to the sender (request-response model), this model regresses to the first type, as roles eventually reverse. Such systems are often impractical due to computational complexity. Example: DC networks.

The first type relates to unlinkability, while the second and third relate to unobservability. Unobservability includes unlinkability. If unlinkability were absent from unobservability, it would be possible to determine the existence of information subjects, violating unobservability.

The third type is difficult to describe, as it is unclear how anonymous the sender and receiver are to each other, and whether their mutual non-anonymity constitutes a violation. This depends on the implementation and use case.

Theoretically provable anonymous networks are considered closed (fully monitored) systems where passive attacks (even with a global observer) cannot deanonymize sender and receiver, given a minimum number of uncompromised nodes. For a passive attacker, posterior knowledge (after observation) should equal prior knowledge (before observation), maintaining equal probability of deanonymization among all network subjects.

Specific routing forms define criteria for a network to be considered anonymous. For example, Tor, I2P, Mixminion, Herbivore, and Crowds are anonymous networks because they provide subject anonymity through obfuscated routing and minimal object security in communications. RetroShare, Freenet, Turtle, and Bitmessage are not anonymous networks, as their routing only transmits information without obfuscating algorithms, even if they provide high object security. Networks that provide only subject anonymity without object security are also not considered hidden networks.

Development of Anonymity

Since network anonymity is fragmented in terms of definitions and terminology, it can be seen as developing in stages. Anonymity can be viewed as a gradation with six stages, each representing a phase of formation through negation and internal contradictions.

1. First stage: The starting point, representing a direct, primitive “client-client” connection between two peers, with no anonymity. Trust is at its minimum.
2. Second stage: Introduces an intermediary node or server, creating a multi-peer architecture. Clients depend on the communication platform, and anonymity increases, but only for “client-client” connections. The server knows about the clients, and security and anonymity are at odds. This stage is called pseudo-anonymity.
3. Third stage: Introduces primitive routing through multiple unrelated proxy servers, increasing anonymity as packets pass through a chain of nodes. Security is still not ensured, as encryption is only an added property.
4. Fourth stage: Develops the third stage by adding multiple layers of encryption (polymorphism) through tunneling, as in VPN services. Trust and anonymity are equivalent to the third stage, but exit nodes gradually reveal the true packet, hiding metadata linking sender and recipient.
5. Fifth stage: Replaces network addresses with cryptographic ones, separating subject identification from network protocols. Platforms are built on cryptographic connections, and trust is minimized. Examples: Bitmessage, RetroShare, Freenet, Bitcoin, Ethereum. The network becomes hybrid and peer-to-peer, with cryptographic addresses as identifiers. No information polymorphism exists at this stage, leading to internal contradictions.
6. Sixth stage: Synthesizes the fourth and fifth stages, combining polymorphism (anonymous linking) and cryptographic identification (anonymous definition). Both sender and receiver are anonymized, and anonymity is more complete. Most hidden networks like Tor, I2P, and Mixminion fall into this stage.

Note: The fourth and fifth stages develop in parallel, making it difficult to determine the exact sequence. The order here is based on qualitative changes. The second and fifth stages are characterized by an implosive nature, as they involve not only object distribution but also retention for later retrieval. These are called communication platforms. Other stages focus only on transmission methods.

Figure 8. The development of anonymity as a process of stage formation

Protection defined by “client-client” links originates in the first stage and is quickly replaced by client-server encryption in the second stage, due to the limitations of direct connections. True secure “client-client” communication re-emerges in the fifth stage, but subsequent stages focus on hiding subjects through object transport based on cryptographic addresses.

The main advantage of the fifth stage is the ability to identify subjects in peer-to-peer and hybrid systems using cryptographic methods, ensuring integrity and authentication independent of third-party nodes or servers. Confidentiality may also be present but is optional (e.g., cryptocurrencies ensure integrity and authentication, but not always confidentiality).

Based on the fifth stage, it is possible to form first-type covert communication channels, as shown in Figure 9. This is achieved through cryptographic identification, allowing abstraction from network identification. Second-type covert channels can be formed from subsets of the fifth and sixth stages. In general, covert channels abstract from the primary network not by negation, but by merging with it, building their own communication methods based on the fifth or sixth stage of anonymity.

Key Criteria for Anonymous Networks

From the above, the main criteria for anonymity in building secure anonymous networks (full hidden systems) are:

1. Anonymity must be internal (against node analysis) and external (against network traffic analysis). This is achieved by breaking the link between subjects via their object using an obfuscating routing algorithm.
2. Anonymity must encapsulate and abstract pseudonyms between sender and receiver from primary identification based on network communications. This is achieved by breaking the link between network and cryptographic identification.
3. Anonymity must prevent the storage of data and metadata in a transparent state for intermediary nodes. This is achieved by replacing all communication platforms with the fifth stage of anonymity, minimizing trust to the theoretical minimum.

The second point is a simplification, as the break should also occur between two cryptographic identifications of different systems merged into one, not just between network and cryptographic identifications. For example, when combining the fifth and sixth stages, the cryptographic identification of the same subject should “split” for each stage. Thus, identification should be expressed as a sequence: “network → cryptographic (sixth stage) → cryptographic (fifth stage).”

A hidden system with only the first two points is an anonymous network and belongs to the first, fifth, or sixth stage of anonymity. A system with only the last two points is a client-secure application and belongs exclusively to the fifth stage. A system with all three criteria is complete and belongs to a combination of stages. A system with only one criterion is not hidden. For example, a chain of VPN services fits the first point; centralized communication services fit the second; anonymous networks fit the first and second; client-secure applications fit the second and third; full hidden systems fit all three. There are no systems with only the third point or a combination of the first and third (excluding the second), as the third criterion is a consequence of the second.

In summary, network anonymity is defined as the disruption of most logical links between the transported/stored object and its subjects, as well as between network and cryptographic identifications.

Note that this definition is still abstract, as it does not specify the exact anonymity criteria supported by a given hidden system. For example, it does not clarify the level of anonymity for sender and/or receiver, as the mechanisms and vectors of anonymization are unknown. However, this abstraction also provides clear boundaries for defining anonymity among different systems.

Source

Onion Market — a free P2P exchange on Telegram. We offer XMR, BTC, USDT.TRC20.