JAP at CeBIT 2002
[ English | German
]
CeBIT 2002
You can find more information on the CookieCooker here.
We presented our projects at CeBIT
in Hannover from 13.-20.3.02 in hall
11 stand
D27.
You can download our
A Tool For Privacy
 Using
Internet services nowadays means leaving digital traces. More and more companies
try to use these traces to create individual profiles of Internet users.
We help people to protect their E-Privacy: The JAP software provides
anonymous and unobservable communication in the Internet. Upon this basis any
privacy related Internet service could be built. Just imagine drug-related advisory
services or medical information services. Even in the field of E-Commerce anonymity
plays a big role. Most people are not happy receiving Spam E-Mail as a result
of their Internet activities. Other examples are Online-voting or political
chat rooms.
Web Surfing without Traces
We offer an easy-to-use open-source software for everybody:
JAP helps to protect your privacy and covers all digital traffic. Most existing
systems for anonymous communication reduce the security to achieve higher performance.
Our final system provides strong anonymity; i.e. the system withstands so-called
traffic analysis. That means, even an adversary who could eavesdrop on any Internet
communication or link, will not get any information about who is communicating
with whom.
Our System: JAP
The system consists of a client software (called JAP) and a chain of multiple
intermediate servers. Two scenarios using JAP are thinkable:
- JAP helps to protect your personal privacy. JAP can be installed on the
user's computer to protect his or her Internet activities. This is very useful
for private Internet usage.
- JAP helps to protect your organization. JAP can also be installed on a dedicated
machine, for example on a proxy or firewall. JAP now serves as a privacy gateway
for the entire company, and there is no need to install software on the user's
workstation. This might be very useful for companies in order to hide their
transactions and/or research activities in the Internet against observation
by competitors or against other spying activities.
How it works
JAP acts as a local proxy between the browser and the insecure Internet. All
web pages requested by the browser go directly to JAP, and are multiply encrypted
there. The encrypted messages travel through a chain of servers (named Mixes
by the inventor of the theoretical background, David Chaum) to the final destination
in the Internet. Figure 1 illustrates the architecture of the system.
Multiple layers of encryption protect all messages. A Mix samples messages in
a batch, changes their coding (removes one layer of encryption) and forwards
them all at the same time, but in a different order. All messages have the same
length. An adversary may observe all communication links, however he cannot
decide which incoming and outgoing packet belongs to each other. A surfer remains
anonymous within the group of all users of the service. The system
definitely protects your privacy as long as at least one Mix works correctly. Unfortunately,
nobody knows whether a Mix is actually trustworthy or not. Remember that the
entire chain has to be corrupt to successfully observe the user's activities.
Therefore we use a chain of Mixes. The chaining also prevents Mixes from observing.
This is the meaning of strong anonymity: Even the anonymity service itself cannot
spy.
The challenge
We are looking for partners - ISPs, IT security companies, networking companies,
privacy commissioners - who are willing to operate a Mix and would like to support
the idea of providing a world wide anonymity service. We are open to partners
who want to discuss commercialization of our service.
The client program (JAP) is running on the Java platform. JAP works on all
major platforms, for instance Windows, Macintosh, Linux, Solaris etc. The Mix-servers
are written in C++ and work on many different platforms including Windows NT,
Linux, Solaris, Irix and other Unix-like operating systems.
JAP and Mixes are Open-Source software. Everyone may inspect it and convince
himself, that the software provides the expected functionality and does not
have hidden trapdoors.
JAP is a joint project with the privacy commissioner of Schleswig-Holstein/Germany.
This project is sponsored by the Federal Ministry of Economics and Technology.
Contact information
Technical University Dresden
Institute for System Architecture
Stefan Köpsell
D-01062 Dresden, Germany
E-Mail: jap@inf.tu-dresden.de
© 2002 JAP Team
| 
