JAP and Encryption

JAP uses strong encryption between the user's computer and the JAP provider's servers. To be precise, the data sent from the client program is encrypted multiple times. One can imagine it as an onion:

One layer is laid around the data for the last mix in the mix cascade. Only that final mix can remove this layer to get to the data. Another layer is wrapped around this already-encrypted message for second to last mix, a third layer for the third to last mix, and so on.

An asymmetrical kryptographic process is used to insure that each layer is only removed by the correct mix. Asymmetrical kryptographic processes are distinguishable by their use of two keys - one publicly known key used to encrypt the message, and one secret key used to decrypt the message. The secret key is only known by the specific mix station for which the message is meant to be decrypted. Encryption Methods Used:

  • RSA with 1024-bit key length
  • AES with 128-bit key length
To achieve higher efficiency, the message is encrypted symmetrically with AES and only this symmetric key itself is encrypted with the slower asymmetric RSA method. (hybrid encryption)

How Does the Return Path Work?

A further advantage of hybrid encryption is that the response from the internet can be encrypted for each mix using the saved symmetric keys. These keys are known to the JAP client, since JAP created the original message, so JAP can also decrypt the multiply encrypted responses. Basically, the first message sent creates an anonymous, symmetrically encrypted, bi-directional data channel.

Encryption is important for anonymisation for two reasons:

  • It can be determined, that messages are decrypted in the correct order by the real mixes, not from an attacker
  • The messages look different after each decryption. That way, an attacker can no longer make a connection between incoming and outgoing messages based on how the messages look.

The animation shows how the multiply-encrypted messages are decrypted in the mix cascade. Pay attention to the upper incoming message.

Normally, the data is not encrypted all the way to the web server.
This is only possible if the server supports encryption. The server, like the user, needs a program which encrypts and decrypts the data.

An additional encryption (for example with SSL) is therefore necessary for secure data transfer.

JAP only encrypts over the connection between the user and the anonymisation servers.
After the final mix, the data is sent unencrypted to the appropriate server. The encryption is, therefore, only a means to achieve anonymity.

The anonymisation service only encrypts within the red boxes.

back

 

Download

Stable Version
00.19.001


Beta Version
00.19.015


InfoService

Status of available AN.ON services and information about them.


Aktuell / News

Restrictions for the Dresden (JAP) anonymisation servers
After careful consideration we have decided to restrict the size of downloads over the Dresden (JAP) mixes a little. The reason is to allow a more fair use of scarce resources of our servers especially for users who simply want to surf the Web. more...

 

 
---