diff --git a/ANONYMITY.md b/ANONYMITY.md index e61e90c..7e1bfeb 100644 --- a/ANONYMITY.md +++ b/ANONYMITY.md @@ -10,14 +10,14 @@ The short answer is "it depends". The longer answer: -When different parties have different false positive rates. The server can calculate the skew between a party's ideal +When different parties have different false positive rates the server can calculate the skew between a party's ideal false positive rate and observed false positive rate. That skew leaks information, especially given certain message distributions. Specifically it leaks parties who receive a larger proportion of system messages than their ideal false positive rate. i.e. for low false positive rates and high message volume for a specific receiver, the adversarial server - can calculate a skew that leaks the receipient of individual messages - breaking privacy for that receiver. + can calculate a skew that leaks the recipient of individual messages - breaking privacy for that receiver. It *also* removes those messages from the pool of messages that an adversarial server needs to consider for other receivers. Effectively reducing the anonymity set for everyone else. @@ -60,7 +60,7 @@ Under a certain threshold of parties, trivial breaks (i.e. tags that only match Assuming we have large number of parties (_N_), the following heuristic emerges: * Parties who only expect to receive a small number of messages can safely choose smaller false positive rates, up -to a threshold _θ_, where θ > 2^-N. The lower the value of _θ_ the greater the possibility of random trivial breaks for +to a threshold _θ_, where _θ > 2^-N_. The lower the value of _θ_ the greater the possibility of random trivial breaks for the party. * Parties who expect a large number of messages should choose to receive **all** messages for 2 reasons: 1) Even high false positive rates for power users result in information leaks to the server (due to the large diff --git a/Cargo.toml b/Cargo.toml index 6cea079..d95d140 100644 --- a/Cargo.toml +++ b/Cargo.toml @@ -1,7 +1,7 @@ [package] name = "fuzzytags" description = "a probabilistic cryptographic structure for metadata resistant tagging" -version = "0.1.2" +version = "0.1.3" repository = "https://git.openprivacy.ca/openprivacy/fuzzytags" authors = ["Sarah Jamie Lewis "] edition = "2018"