Skip to main content

Introduction to Mix Networks

· 6 min read

Mixnets are important because they can have strong anonymity, that means stronger than Tor. Tor is well known to have weak anonymity as defined in the academic literature. By leveraging advanced cryptographic techniques and sophisticated mixing strategies, mixnets provide a more secure alternative for anonymous communications, effectively protecting users from passive and active network observers.

Defining Network Anonymity

A mixnet is a specific category of anonymous communications network. Anonymous communication essentially means resistance to traffic analysis. In other words, network anonymity means that a client can interact with some network object, and it is very difficult for a passive or active network observer to determine which client is interacting with which network object. Anonymity loves company: a large number of clients using the network is better for the privacy and anonymity properties than fewer connected clients.

Mixing Packets for Anonymity

Unlike Tor, mixnets do not depend on route unpredictability for the anonymity properties. Instead, each mix in the mixnet performs some type of "mixing" of packets and it is this mixing which provides the anonymity and privacy properties. This process ensures that even if some network paths are observed, the correlation between incoming and outgoing packets remains obscured.

The Anytrust Model

The Anytrust model is an important concept in mixnet literature, it implies a threat model where the users of the mixnet retains the privacy properties as long as at least one mix in the route is not compromised and performs it's mixing honestly. This model is crucial because it ensures robust anonymity even if some nodes are compromised. The strength of the Anytrust model lies in its resilience, making it a cornerstone of modern mixnet designs.

Limitations and the Surveillance Capitalism Problem

To be clear, mixnets do not solve the surveillance capitalism problem; people choose to use services provided by certain very large companies who harvest the surveillance data and sell it to ad agencies. Surveillance problems like that require cultural and social solutions. What we are discussing here is anonymous communications networks as a technical solution to the technical problem of all Internet protocols in general tending to leak metadata onto the communications infrastructure, whereby passive observers get to learn who is talking to whom.

Understanding Metadata Leakage

Passive network observers can learn quite a lot about a set of communications, even if it's encrypted. In particular, they can learn:

  • geographical locations
  • sequence of messages
  • size of messages sent and received
  • times of day communications took place
  • identity of ALL communication partners and the entire social graph

The Anonymity Trilemma

Let's also consider the Anonymity Trilemma paper where we have:

  • strong anonymity
  • low latency
  • high bandwidth

The trilemma tells us that if we choose strong anonymity then we can only choose either low latency or high bandwidth but not both. Therefore high bandwidth and low latency anonymity systems like Tor and I2p are considered to provide weak anonymity AND it is impossible to make them have strong anonymity without compromising on either the latency or bandwidth.

Decryption Mix Networks and Bitwise Unlinkability

In a decryption mix network the mix nodes are cryptographically transforming packets by removing a layer of encryption. Therefore the input packets will look completely different from the output packets due to this transformation. We say that this gives us a bitwise unlinkability property where the passive network observer would not be able to link input messages with any of the output messages by merely looking at the bits within the message.

Mixing Strategies and Latency

Mix nodes, in addition to cryptographically transforming packets, also add latency in accordance with their mixing strategy. To start, let's consider the threshold mixing strategy, which accumulates packets until a threshold number of packets is reached, and then it shuffles and sends the packets onto the next hop. In this case, if the threshold is set to 5 but there are only 4 messages dwelling in the mixing queue, then those messages will wait forever or until a 5th messages is received. An adversary would have a 1 in 5 chance at guessing the link between an input message and an output message. So, for a real mixnet, we'd want to set the threshold to 1000 or 10000 or other quite high values in order to make it very difficult for adversaries to break our privacy notions.

Cascade of Mix Nodes and Solving Availability

Consider that if we had a cascade of mix nodes: A -> B -> C -> D -> E

A client sends the message to mix A, which sends it to mix B, and so on. This design provides us with the Anytrust model because we have more than one mix in our route, which is assumed to be operated by multiple entities, also known as security domains. However, the design does not offer high availability. If any mix node in the route fails, then the entire network has failed and will not route messages.

The academic mixnet literature solves this problem in two distinct ways:

  1. multiple cascades
  2. stratified topology

Choosing the Right Topology

There are many other possible topologies for an anonymous communications network. However, it should be noted that the disadvantage is "free route", where any mix node can talk to any mix node, is that this reduces the amount of mixing entropy. Adversaries will be maximally uncertain if either stratified topology or multiple cascades are used, as concluded in Impact of Network Topology on Anonymity and Overhead in Low-Latency Anonymity Networks.

Stratified Topology vs Multiple Cascades

Either we provide users of the mixnet with multiple cascades of mix nodes, or we arrange the mix nodes into a statified topology, which is a network where all the mix nodes are arranged into "routing topology layers", which are an ordered set of disjoint sets of mix nodes. Each layer as a unique set of mix nodes; mix nodes in Layer 1 are only allowed to send messages to mix nodes in Layer 2, and likewise, Layer 2 mix nodes can only send messages to mix nodes in Layer 3, and so on.

Conclusion

Mix networks provide strong anonymity in digital communications by effectively resisting traffic analysis. Unlike Tor, mixnets use cryptographic transformations and mixing strategies to obscure communication patterns, ensuring high privacy levels. Utilizing the Anytrust model and stratified topologies or multiple cascades, mixnets offer robust solutions for preserving user anonymity. While they address metadata leakage, mixnets do not solve broader issues like surveillance capitalism. As research progresses, mixnets will continue to evolve, enhancing secure and anonymous communications. The 0 Knowledge Network (0KN) is at the forefront of this evolution, leveraging these advanced techniques to provide strong anonymity and security in digital communications, while enabling a new generation of decentralized privacy applications.