It is the title of an interesting paper by Roger Dingledine and Nick Mathewson. They are members of the Free Haven project. This project studies topics such us onion routing (technology used by TOR), or Mixminion an anonymous email network.
The paper presents two challenges: usability and network effect.
- Usability is a typical challenge of security solutions. The authors show that often privacy setting requires technological skills that are opposed to ease of use for everybody. The easy solution is often to delegate security decision to the user, who is not necessarily the best person to decide. This reminds me the security model of Android, where you have to decide (too) many parameters.
- Network effect; efficient anonymity requires to have a lot of traffic to hide within. This rises the problem of bootstrapping. And here is a nice tradeoff. If your system is extremely secure, it will most probably be difficult to use, thus attract fewer people, thus reducing the strength of anonymity. On the other hand, if the system is easy to use, thus less secure, it may attract more users, thus strengthening anonymity.
For instance, in the design of Mixminion, they had to answer the following tradeoff:
Since fewer users mean less anonymity, we must
ask whether users would be better off in a larger network where their messages
are likelier to be distinguishable based on email client, or in a smaller network
where everyone’s email formats look the same.
The three described use cases, Mixminion, TOR, and JAP, are excellent illustrations of the issues. An excellent paper.
Citation: N. Mathewson and R. Dingledine, “Anonymity Loves Company: Usability and the Network Effect,” Proceedings of the Fifth Workshop on the Economics of Information Security WEIS 2006, pp. 547-559.