Analyse possible during-protest inferences/linking

dbosk / crocus

Securely and privately verifiable protests

Other

0 stars 0 forks source link

Analyse possible during-protest inferences/linking #58

Open dbosk opened 6 years ago

dbosk commented 6 years ago

From #57 .

Analyse whether a social graph can be constructed from either communication or proof shares. Proof shares should be fine, since they are unlinkable.

The communication might actually reveal this, e.g. a witness uploads NIZK proofs for all witnessed proof shares (see #32). Also the submission pattern to the blockchain. This is reduced to traffic analysis.

dbosk commented 6 years ago

I think we should have a short discussion about traffic analysis at the submission stage.

If Grace can monitor all connections within the country (reasonable), she can monitor Alice as she submits her proof to the blockchain. However, as the miner collects many transactions, Alice should have plausible deniability that she submitted one of the other transactions --- but not deniability/receipt freeness as Grace can verify if she accesses Alice's device.

dbosk commented 6 years ago

Of course there will be problems when witnesses submits proofs in bulk, not much room left for other transactions then. But I suppose witnessing can be less sensitive most of the time, but not always.

dbosk commented 5 years ago

Proofs cannot be submitted in bulk, then all the NIZK proofs must be computed during the protest.