In practice, the message latency would be around 20s to 40s, depending on security parameters and the number of users connected to the system. [emphasis added]
Those are not promising numbers for real-time communication (i.e. as a replacement for IM).
SMS-based communications can have similar latencies, just because people put their phone down. For active real-time communication where both ends are looking at their devices at the same time, 30s would indeed feel very slow. But for general “passive” messages one sends on the side this would be totally fine, I think.
While this is a very interesting piece of work and has a bunch of ideas that may be worth integrating into other anonymizing systems, there are some fairly foundational issues that will certainly keep this from becoming the next Tor.
The latency. Aside from being too slow for interactive use, it places itself in an unfortunate worst-of-both-worlds case between low-latency systems (like Tor, with latencies on the order of one second) which are actually usable for a wide variety of purposes but very easy to perform traffic correlation attacks on, and high-latency systems (like MixMinion, with latencies on the order of hours) which can provide very strong anonymity guarantees (or could, if anyone actually used them =P) but are very limited in use because of the high latency. However, the judicious use of cover traffic could allow a high-latency system to run anonymously at a more vuvuzela-like latency, thus opening up a wider variety of use cases.
Only vertically scalable. The design (and indeed the threat model they’ve taken) requires that every server be involved in the transmission of every message, so adding more servers only slows things down (though it does improve the privacy guarantees). Tor currently serves over 2 million users with in excess of 10 Gb/s aggregate bandwidth, something which vuvuzela will never be able to match. (The obvious consequence, if this takes off anyway, is multiple independent vuvuzelae. It is presumably left as an exercise how to pick one not set up by attackers.) Furthermore, as another consequence, the cost to participate is very high: an AWS c4.8xlarge (the instance size they apparently used to test) costs on the order of $1k/month, while I could run a Tor relay providing a nontrivial amount of bandwidth to the network on my home router.
Very subject to DoS. Again, this is a consequence of the threat model they’ve taken; because every server is involved with every message, knocking out a single server makes the entire service unavailable. The ability of an unavailable service to hide the identities of its users is somewhat beside the point. =)
I don’t mean to dismiss the work here at all, because what the authors have done is impressive, not at all easy, and presents a lot of interesting and good new ideas in anonymizing systems, which have largely stagnated since Tor gained a nearly complete monopoly of the space. But it feels very much like the output of a research project (“given this extremely strong threat model, what can we possibly build to counteract it?”) rather than something that will attract heavy use.
This is really cool, but…