Section 26.4. Technical Challenges to Guessing the Number of Users in a Network

26.4. Technical Challenges to Guessing the Number of Users in a Network

In addition to the social problems we've described that make it difficult for a typical user to guess which anonymizing network will be most popular, there are some technical challenges as well. These stem from the fact that anonymizing networks are good at hiding what's going oneven from their users. For example, one of the toughest attacks to solve is that an attacker might sign up many users to artificially inflate the apparent size of the network. Not only does this Sybil attack increase the odds that the attacker will be able to successfully compromise a given user transaction,^[9] but it might also trick users into thinking that a given network is safer than it actually is.

^[9] John Douceur, "The Sybil Attack," Proceedings of the 1st International Peer to Peer Systems Workshop (IPTPS) (March 2002).

And finally, as we saw when discussing JAP, the feasibility of end-to-end attacks makes it hard to guess how much a given other user is contributing to your anonymity. Even if he's not actively trying to trick you, he can still fail to provide cover for youbecause his behavior is sufficiently different from yours (he's active during the day, and you're active at night), because his transactions are different (he talks about physics, you talk about AIDS), or because network design parameters (such as low delay for messages) mean the attacker is able to track transactions more easily.