|
Phantom Anonymity Protocol
|
The Phantom anonymity protocol is an overlay network protocol designed in 2008 by Swedish security researcher Magnus Bråding to provide anonymity optimized for the current conditions and needs of average internet users. The design goal was feasibility for mass adoption as a de facto internet anonymization standard. This goal differentiates it from other anonymization protocols such as Tor, which have seen only limited adoption among the masses. The Phantom protocol designer hopes to change this situation and provide secure anonymity to everyone, including non-technical people. The protocol was first publicly by Magnus Bråding at the IT security and hacking conference DEFCON 16 in Las Vegas 2008. A first implementation was completed in the second half of 2010 by Johannes Schlumberger, as a final year project at the University of Erlangen-Nuremberg, with initial implementation work also being performed by Michael Prinzinger at the same university. This source code was released to the public in March 2011. Details One of the most important aspects of the protocol is that it is completely distributed and decentralized, making it much more resilient to censorship or attempts to shut it down than existing anonymization protocols like Tor. The protocol design stems from eight goals: # Completely decentralized. #:No critical or weak points to attack or put (il)legal pressure on. # # Maximum resistance against all kinds of DoS attacks. #:Direct technical destructive attacks will practically be the only possible way to even attempt to stop it. # # Theoretically secure anonymization. #:Probabilistic methods (contrary to deterministic methods) must be used in a completely decentralized design like this, where no other peer can be trusted, so focus is put on optimizing these methods. # # Theoretically secure end-to-end transport encryption. #:This is simple in itself, but still important in the context of anonymization. # # Completely (virtually) isolated from the "normal" Internet. #:No one should have to worry about crimes being perpetrated from their own IP address. # # Maximum protection against identification of protocol usage through traffic analysis. #:You never know what the next draconian law might be. # # Capable of handling larger data volumes, with acceptable throughput. #:Most existing anonymization solutions are practically unusable for (or even prohibit) larger data volumes. # # Generic and well-abstracted design, compatible with all new and existing network enabled software. #:Software application developer participation should not be needed, it should be easy to apply the anonymization to both new and already existing products like e.g. web browsers and file transfer software.
|
|
|