[Twisted-Python] announcing: txmix, a twisted python mixnet library
Hi. I'd like to announce txmix, a library for writing mixnets in python. https://github.com/applied-mixnetworks/txmix txmix is GPL3 licensed and currently depends on: sphinxmixcrypto, Twisted, txtorcon, attrs, eliot and Tor Project's chutney (for integration tests). txmix allows you to write mixnets with reduced code complexity and transport agnosticism... however I've choosen to focus my development efforts on the Tor onion transport for several reasons, the onion transport has some properties which the UDP transport does not: - reliability - forward secrecy - NAT penetration Additionally the Tor anonymity properties are a welcome bonus since they aren't really overlapping with those of the mixnet, they are vulnerable to different types of attacks and accomodate for totally different threat models. Currently txmix has some integration tests that use chutney to spin up a local 25 relay tor network; builds a mixnet using onion services as the transport and then tests functionality by sending and receiving messages on the mixnet. future development -- - txmix could certainly be used to write various kinds of mixnets, however, we are missing a PKI. Without some kind of public key infrastructure how will mix clients learn about mix public keys? - sphixmixcrypto library needs improvements that would allow us to specify more message types such as dummy/cover traffic message and heartbeat messages. These of course are essential for the defense against certain known active attacks against some mix types. questions, code review and pull requests welcome. David Stainton ___ Twisted-Python mailing list Twisted-Python@twistedmatrix.com http://twistedmatrix.com/cgi-bin/mailman/listinfo/twisted-python
Re: [Twisted-Python] announcing: txmix, a twisted python mixnet library
> On Feb 19, 2017, at 12:56, David Stainton wrote: > > Hi. I'd like to announce txmix, a library for writing mixnets in python. > > https://github.com/applied-mixnetworks/txmix > > txmix is GPL3 licensed and currently depends on: > sphinxmixcrypto, Twisted, txtorcon, attrs, eliot > and Tor Project's chutney (for integration tests). > > txmix allows you to write mixnets with reduced code complexity and > transport agnosticism... however I've choosen to focus my development > efforts on the Tor onion transport for several reasons, the onion > transport has some properties which the UDP transport does not: > > - reliability > - forward secrecy > - NAT penetration > > Additionally the Tor anonymity properties are a welcome bonus since > they aren't really overlapping with those of the mixnet, they are > vulnerable to different types of attacks and accomodate for totally > different threat models. > > Currently txmix has some integration tests that use chutney to spin up > a local 25 relay tor network; builds a mixnet using onion services > as the transport and then tests functionality by sending and receiving > messages on the mixnet. > > > future development > -- > > - txmix could certainly be used to write various kinds of mixnets, > however, we are missing a PKI. Without some kind of public key > infrastructure how will mix clients learn about mix public keys? > > - sphixmixcrypto library needs improvements that would allow us > to specify more message types such as dummy/cover traffic message > and heartbeat messages. These of course are essential for the defense > against certain known active attacks against some mix types. > > > questions, code review and pull requests welcome. > > > David Stainton Very cool. To be perfectly honest I don't understand most of this in a lot of detail (starting with what a "mixnet" is), but thanks for using Twisted to do it :). -glyph ___ Twisted-Python mailing list Twisted-Python@twistedmatrix.com http://twistedmatrix.com/cgi-bin/mailman/listinfo/twisted-python
Re: [Twisted-Python] announcing: txmix, a twisted python mixnet library
Hi Glyph, Yeah hopefully I'll be using Automat soon as well :-) A mixnet is an anonymity network which means it provides sender and receiver anonymity (location hiding). Mixnets have some very interesting properties such as: - message oriented - high latency - not vulnerable to global passive adversary Unlike tor which is stream oriented, low latency and most definitely vulnerable to global passive adversaries. (Mixnets were invented in 1981 by David Chaum, there's a lot of research papers but not a lot of examples we can use.) It's funny that anonymity properties make writing txmix easier because there is no addressing information for received mixnet messages ;-p whereas core twisted is built very carefully to preserve the address of received connections and datagrams. My favorite mixnet introductions include: - https://crypto.is/blog/mix_and_onion_networks - "Why I'm not an Entropist" https://www.freehaven.net/anonbib/cache/entropist.pdf - "Sleeping dogs lie on a bed of onions but wake when mixed" https://petsymposium.org/2011/papers/hotpets11-final10Syverson.pdf Cheers, David On Mon, Feb 20, 2017 at 2:03 AM, Glyph Lefkowitz wrote: >> On Feb 19, 2017, at 12:56, David Stainton wrote: >> >> Hi. I'd like to announce txmix, a library for writing mixnets in python. >> >> https://github.com/applied-mixnetworks/txmix >> >> txmix is GPL3 licensed and currently depends on: >> sphinxmixcrypto, Twisted, txtorcon, attrs, eliot >> and Tor Project's chutney (for integration tests). >> >> txmix allows you to write mixnets with reduced code complexity and >> transport agnosticism... however I've choosen to focus my development >> efforts on the Tor onion transport for several reasons, the onion >> transport has some properties which the UDP transport does not: >> >> - reliability >> - forward secrecy >> - NAT penetration >> >> Additionally the Tor anonymity properties are a welcome bonus since >> they aren't really overlapping with those of the mixnet, they are >> vulnerable to different types of attacks and accomodate for totally >> different threat models. >> >> Currently txmix has some integration tests that use chutney to spin up >> a local 25 relay tor network; builds a mixnet using onion services >> as the transport and then tests functionality by sending and receiving >> messages on the mixnet. >> >> >> future development >> -- >> >> - txmix could certainly be used to write various kinds of mixnets, >> however, we are missing a PKI. Without some kind of public key >> infrastructure how will mix clients learn about mix public keys? >> >> - sphixmixcrypto library needs improvements that would allow us >> to specify more message types such as dummy/cover traffic message >> and heartbeat messages. These of course are essential for the defense >> against certain known active attacks against some mix types. >> >> >> questions, code review and pull requests welcome. >> >> >> David Stainton > > Very cool. To be perfectly honest I don't understand most of this in a lot > of detail (starting with what a "mixnet" is), but thanks for using Twisted to > do it :). > > -glyph > ___ > Twisted-Python mailing list > Twisted-Python@twistedmatrix.com > http://twistedmatrix.com/cgi-bin/mailman/listinfo/twisted-python ___ Twisted-Python mailing list Twisted-Python@twistedmatrix.com http://twistedmatrix.com/cgi-bin/mailman/listinfo/twisted-python
