[messaging] Panoramix decryption mixnet messaging spec and design documents

[dawuud]

> I wonder, in general can we have nice things? Can we finally have a
> cryptographic messaging system that protects against intersection
> attacks? To that end I've been putting together a reading list so that

If my understanding is correct, the answer is No. No we cannot prevent
longterm intersection attacks by using decoy traffic in the
katzenpost/loopix system because users will go offline and come back
online later which changes the anonymity set size and thus leaks
information to a global network observer.

I suspect that there are mixnet use cases which are not vulnerable or
less vulnerable to this... such that user or application behavior does not
form a "session" where users send multiple messages over long periods which
can be linked by a passive observer.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: not available
URL: <http://moderncrypto.org/mail-archive/messaging/attachments/20171114/944bda41/attachment.sig>