It's no accident that one can see a similar result in timing attacks and information leakage from computer systems (e.g. Spectre and prior art), because in both cases, statistical inferences are being made from observable state.
Though this is an accessible paper that explores communication networks in detail, I'd still like to see more of these analyses conducted from a more abstract, information-theory perspective, and for these results to be broadly applied in various concrete settings.
I wonder if these sorts of fundamental underpinnings don't interface nearly as much with the daily mainstream line-of-business work that much of IT has evolved towards as they do in some other fields of applied science and design.
I always assumed that the lower bound for continuous required bandwidth on a minimum latency anonymous network is the same or more than the peak required bandwidth, as you essentially have to run fixed bandwidth number stations between all nodes with either constant time between packets, or timing being dependent on a high frequency stochastic source.
Does anyone know if any lower bound has been shown to be possible?
Would it be fair to say that Bitcoin picks anonymity and low bandwidth overhead? Or does it not even qualify as anonymity in this sense? It definitely has the high latency.
> We leverage an indistinguishability-based anonymity notion for sender anonymity: the adversaryhas to distinguish two senders of its own choosing
Bitcoin doesn't provide that; a transaction involving one wallet can (if I understand Bitcoin correctly) be distinguished from a transaction involving a different wallet trivially.
It has anonymity only in that personal information is not required, but all the information you do provide (that is, the key that identifies your wallet) is entirely public. A wallet is a pseudonym.
The anonymity of Bitcoin is not the cause of its latency - instead, getting anonymity out of Bitcoin requires extra work by the user (making more wallets, and transferring money between them to avoid having to cluster them all in a multi-input transaction that would identify them all as probably belonging to one person). Getting anonymity would thus require an increase in both latency and bandwidth (from the extra transactions plus any other money-laundering work).
Bitcoin isn't a communication network, so this tradeoff isn't relevant.
That said, if you did try to use it as a communication network, it would be an extremely high bandwidth overhead as anything you send on it gets flood-filled to everyone else on the network. It'd also be somewhat high latency due to low-level details of how transactions are forwarded around the network (the 10 minute block interval isn't really relevant to privacy).
But like I say, Bitcoin isn't trying to be a communication network, so the comparison isn't really valid.
>Bitcoin isn't trying to be a communication network, so the comparison isn't really valid.
It's not literally labeled as a communication network, no, but it can be modeled as one without loss of generality. The messages are communications about changes in balances. What it tries to be does not matter.
My point is Bitcoin isn't designed to be a communication network, so the tradeoffs it makes aren't educational for those just interested in communication networks.
The bitcoin whitepaper describes partitioning identities from transactions. But not anonymity. Realistically, it doesn't provide effective anonymity because if your identity leaks for any one transaction, it's likely leaked for all of your transactions.
Bitcoin itself doesn't provide any network anonymity; it's sort of left as the user's problem. A user can use something like Tor or Dandelion if anonymity is important to them. The high latency is just due to Bitcoin's consensus mechanism.
Bitcoin has nothing to do with anonymity. Or rather, it's designed to minimize anonymity. That is, there's a public blockchain, to help prevent double spending etc.
Though this is an accessible paper that explores communication networks in detail, I'd still like to see more of these analyses conducted from a more abstract, information-theory perspective, and for these results to be broadly applied in various concrete settings.
I wonder if these sorts of fundamental underpinnings don't interface nearly as much with the daily mainstream line-of-business work that much of IT has evolved towards as they do in some other fields of applied science and design.