Mixminion

from Wikipedia, the free encyclopedia
Basic data

Maintainer: Nick Mathewson
Current version: 0.0.8alpha3 (September 15, 2007)
Operating system: Platform independent
Programming language: Python
Category: Remailer
License: BSD license
Available in German: No
Website: www.mixminion.net

Mixminion is software for sending and receiving digital messages anonymously (a remailer). It is also the reference implementation of the Type III remailer protocol and is written in the Python programming language. Messages are transported through a mix network.

General information

The Mixminion program works as a server or as a client.

End users use the Mixminion client to encrypt messages and send them through the Mixminion network to the recipient. Mixminion servers, i.e. the nodes in the mix network, are run by volunteers; they accept messages and pass them on within the network until they reach the recipient.

Basic functionality

Each node in the network has a key pair consisting of a public and a secret key and publishes the public key in a central directory. A new key pair is generated at regular intervals and the old one is destroyed. An additional identity key pair, which is not changed, is used to digitally confirm the current packet key of the node.

Users can download the data and keys of all nodes from a trusted directory and define the path of a message through the network of nodes. The user selects a series of nodes (randomly or manually) and encrypts the message in turn with the public key of the nodes, starting with the last node in the series. Put simply, the message is protected like an onion by several layers of encryption.

Each node can now remove the outermost encryption with its own key and pass the message on to the next node. All that is visible for each node is where the message comes from and to whom it is passed on. Only the last node in the chain can access the actual content of the message and deliver the message to the actual recipient.

The first node in the chain knows the sender, the last node in the chain the content and the recipient - so it makes sense to have at least two nodes in the chain. The more nodes are used, the greater the probability that the two (or three, depending on the point of view) mentioned pieces of information cannot be assigned to one another.

All messages also have a fixed length of around 32 KB. Larger messages are divided into 32 KB blocks, smaller messages are padded to this length. This fixed length makes it impossible to identify and track messages within the network by their size.
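The layering and padding described above, as an added example that is not Mixminion's own code or packet format: a toy keystream cipher keyed with a per-node secret stands in for encryption to each node's public key. The node names, the 16-byte next-hop field and all function names are assumptions made for illustration.

```python
import hashlib
import os

PACKET_LEN = 32 * 1024   # fixed packet size, per the article (about 32 KB)
HOP_LEN = 16             # constructed: width of the next-hop field in each layer
EXIT = b"EXIT".ljust(HOP_LEN, b"\0")

def xor_stream(key, data):
    """Toy cipher (SHAKE-256 keystream XOR); stands in for a node's public key."""
    ks = hashlib.shake_256(key).digest(len(data))
    return (int.from_bytes(data, "big") ^ int.from_bytes(ks, "big")).to_bytes(len(data), "big")

def build_packet(message, path, keys):
    """Sender: pad to the fixed size, then wrap layers starting with the last node."""
    room = PACKET_LEN - HOP_LEN * len(path) - 4
    if len(message) > room:
        raise ValueError("message must be split into several packets")
    body = len(message).to_bytes(4, "big") + message + os.urandom(room - len(message))
    next_hop = EXIT
    for name in reversed(path):
        body = xor_stream(keys[name], next_hop + body)
        next_hop = name.encode().ljust(HOP_LEN, b"\0")
    return body

def peel(name, keys, packet):
    """Node: remove one layer, learn only the next hop, keep the packet size constant."""
    plain = xor_stream(keys[name], packet)
    next_hop, inner = plain[:HOP_LEN], plain[HOP_LEN:]
    if next_hop == EXIT:                       # last node: recover the message
        n = int.from_bytes(inner[:4], "big")
        return None, inner[4:4 + n]
    # Re-pad with random bytes so the forwarded packet is PACKET_LEN again
    return next_hop.rstrip(b"\0").decode(), inner + os.urandom(HOP_LEN)

def route(message, path, keys):
    """Send one packet along the path; return (sizes seen on the wire, delivered text)."""
    packet, hop, sizes = build_packet(message, path, keys), path[0], []
    while hop is not None:
        sizes.append(len(packet))
        hop, packet = peel(hop, keys, packet)
    return sizes, packet

# Constructed node names and random per-node secrets for the demonstration
KEYS = {n: os.urandom(32) for n in ("alice-mix", "bob-mix", "carol-mix")}
```

Because every hop re-pads to PACKET_LEN, the plaintext at the last node ends in junk bytes, which the length prefix lets it ignore.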

Special features

Mixminion was developed to avoid known weaknesses of previous protocols:

  • Mixminion deliberately does not use the e-mail message format according to RFC 2822, but implements its own protocol. When operating a server, the existing e-mail infrastructure is no longer used for sending and receiving.
  • The transmission between nodes is encrypted, i.e. an attacker who feeds additional messages into the network cannot identify his own messages and cannot observe their onward transport.
  • The rotation of the packet key for each node takes place automatically, usually once a month. After this time has elapsed, the packet keys are destroyed by the node, i.e. previously intercepted messages that were encrypted with these keys can no longer be decrypted.

Reply to anonymous senders

Mixminion also allows replies to anonymous senders. This is not possible with Mixmaster (Type II); Mixmaster instead relies, e.g. in the case of Nym servers, on Cypherpunk reply blocks (Type I).

It is possible to calculate the header data for one half (the second half) of the path of a message in advance and to pass it on to others as a single-use reply block. When it is used, only the first station on the way back is visible, but no other stations and not the destination address of the reply block. Reply blocks have an expiration date and can only be used once. If they are used multiple times, later messages are treated as duplicates and are discarded within the network. The same happens if a reply block is used after its expiration date.

The first half of the path is chosen by the person replying; in the extreme case, two mutually anonymous users can communicate with each other. Normal messages and replies sent using reply blocks are also indistinguishable from each other.
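A sketch of how a node could enforce the single-use and expiry rules for reply blocks (an added example, not Mixminion's code; the ReplayCache class, the SHA-256 digest and passing the expiry time as a separate argument are assumptions). It also shows why the expiration date matters to the node: digests only need to be remembered until the block expires.

```python
import hashlib

class ReplayCache:
    """Remembers digests of reply blocks already processed by this node."""

    def __init__(self):
        self._seen = {}   # digest of reply block -> expiry time (seconds)

    def pending(self):
        """Number of digests the node currently has to remember."""
        return len(self._seen)

    def accept(self, reply_block, expires_at, now):
        """Return 'forward', 'drop: duplicate' or 'drop: expired'."""
        # Expired blocks are rejected by date, so their digests can be forgotten
        self._seen = {d: t for d, t in self._seen.items() if t > now}
        if now >= expires_at:
            return "drop: expired"
        digest = hashlib.sha256(reply_block).digest()
        if digest in self._seen:
            return "drop: duplicate"
        self._seen[digest] = expires_at
        return "forward"

def demo():
    """Constructed scenario: first use, reuse, and use after the expiry time."""
    cache = ReplayCache()
    block = b"constructed reply block bytes"
    return [
        cache.accept(block, expires_at=1000, now=10),
        cache.accept(block, expires_at=1000, now=20),
        cache.accept(block, expires_at=1000, now=1000),
    ]
```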

Nym server

Work on the reference implementation of a Type III Nym server called "Nymbaron" was discontinued after it was published that reply-block-based Nym server systems are fundamentally vulnerable to statistical attacks. This vulnerability also applies to the existing Mixmaster or Cypherpunk Nym servers. Such a vulnerable design should not be implemented again.

Criticism

  • Missing functionality compared to Mixmaster (Type II): For example, messages to Usenet groups are not yet supported. However, Mail2News gateways can be used. There is a patch that adds support for newsgroups to Mixminion, but this was not integrated into the official code, so that hardly any servers support messages to Usenet groups.
  • There is a central directory of all nodes, which is stored statically in the program text. If this directory fails, Mixminion can no longer be used until the program text has been adapted. Likewise, a single central directory may, depending on the point of view, be vulnerable or untrustworthy.
  • Mixminion is still in the alpha stage, i.e. in particular there may still be errors in the code that could lead to a loss of anonymity.
  • For test purposes, the servers involved may work with settings that simplify tests, but at the expense of anonymity. Some servers log their operation in detail.
  • There is currently only a small user base. The number of servers in the network has also been decreasing steadily for years.
  • The further development of Mixminion seems to have stalled for the time being (no activity since September 2007).

Literature

  • George Danezis, Roger Dingledine, Nick Mathewson: Mixminion: Design of a Type III Anonymous Remailer Protocol. Proceedings of IEEE Symposium on Security and Privacy, 2003.
