Nym network - security theater? They are after all 15+ years behind Tor in terms of development, regardless of how good their design may be.
@HulaHoop for your reading interest. (Whonix wiki also talks about transitioning to/pairing with a better anonymity network in the future if one emerges. Maybe this mixnet has potential.)
Abstract. The Nym network (“Nym”) is a decentralized and incentivized infrastructure to provision privacy to a broad range of message-based applications and services. The core component of Nym is a mixnet that protects network traffic metadata for applications, providing communication privacy superior to both VPNs and Tor against global adversaries that can watch the entire internet. Nodes in the mixnet are rewarded via a novel proof of mixing scheme that proves that mix nodes are providing a high quality of service. Rewards given by NYM tokens allow anyone to join the Nym network and enable asustainable economic model for privacy. NYM tokens can be transformed into anonymous credentials that allow users to privately prove their “right to use” services in a decentralized and verifiable manner. The Nym network can serve as the foundation for a vast range of privacy-enhanced applications that defend the fundamental freedoms of people across the globe against traffic analysis by powerful adversaries.
How does Nym compare to VPNs?
The most popular network-level privacy solution currently is the VPN (virtual private network), which provides network-level protection via an encrypted tunnel between a user’s computer and one run by a VPN provider. VPNs are often misconfigured, however, and even when configured correctly, don’t offer real privacy or adequate resistance to censorship.
VPN providers can also fully observe all network traffic between users and the public internet, knowing exactly what services its users are accessing at a given time. The user must trust that the VPN provider is not using their information in a malicious manner or keeping logs.
The Nym mixnet is an anonymous overlay network that provides strong network-level anonymity, even in the face of powerful systems capable of passively monitoring the entire network. The mixnet is decentralized, with no trusted third parties, and so does not require a trusted provider like a VPN. More importantly, Nym provides superior privacy to VPNs and can support high-quality of service and low latency through incentives.
How does Nym compare to Tor?
Tor is the best-known anonymous overlay network today. Unlike VPNs, Tor provides a ‘circuit’ of three hops that provides better privacy than single-node VPNs, so any single node in Tor can’t deanonymize traffic. Tor’s onion-routing encrypts traffic between each hop so that only the final hop, the Tor ‘exit node’, can decrypt the package.
However, Tor’s anonymity properties can be defeated by an entity that is capable of monitoring the entire network’s ‘entry’ and ‘exit’ nodes, because while onion-routing encrypts traffic, Tor does not add timing obfuscation or use decoy traffic to obfuscate the traffic patterns which can be used to deanonymize users. Although these kinds of attacks were thought to be unrealistic when Tor was invented, in the era of powerful government agencies and private companies, these kinds of attacks are a real threat. Tor’s design is also based on a centralized directory authority for routing.
While Tor may be the best existing solution for general-purpose web-browsing that accesses the entire internet, it is inarguable that mixnets are better than Tor for message-passing systems such as cryptocurrency transactions and secure messaging, and we believe well designed incentives can also enable the use of Nym as a general purpose decentralized VPN. The Nym mixnet provides superior privacy by making packets indistinguishable from each other, adding cover traffic, and providing timing obfuscation. Unlike both previous mixnet designs and Tor, the Nym mixnet decentralizes its shared operations using blockchain technology and uses incentives to both scale and provide censorship-resistance.
How does Nym compare to I2P?
I2P (‘Invisible Internet Project’) replaces Tor’s directory authority with a distributed hash table for routing. How to design a secure and private distributed hash table is still an open research question, and I2P is open to a number of attacks that isolate, misdirect, or deanonymize users. Like Tor, I2P is based on ‘security by obscurity’, where it is assumed that no adversary can watch the entire network. While security by obscurity may have been cutting-edge at the turn of the millennium, such an approach is rapidly showing its age.
Nym’s cutting-edge mixnet design guarantees network anonymity and resistance to surveillance even in the face of powerful deanonymizing attacks. Unlike I2P, Nym adds decoy traffic and timing obfuscation. Rather than a centralized directory authority or distributed hash table, Nym uses blockchain technology and economic incentives to decentralize its network.The Nym mixnet can anonymize metadata even against government agencies or private companies who can monitor network links and observe the incoming and outgoing traffic of all clients and servers.
Does Nym scale?
As privacy loves company, systems wanting to ensure network-level privacy should scale to millions, if not billions, of users – but existing anonymous communication designs that scale to millions of users are secure only against weak adversaries or otherwise require high latency, while existing systems offering strong anonymity scale only vertically.
Nym’s mixnet design combines strong security properties with horizontal scalability, enabling it to operate effectively even with millions of users. The Nym network increases in speed as more traffic and users are added, as less cover traffic and timing obfuscation are required as the anonymity set grows.
Networks like Tor and I2P suffer for lack of an economic incentive system, leading to poor performance and difficulty scaling. Tor is dependent on crowdfunding and government grants that don’t cover the costs of running and maintaining its own network relays. There are no incentives to run a Tor relay, much less a higher-risk entry or exit node, so Tor has trouble adding the nodes necessary to scale with increased traffic. One sign of Tor’s lack of an incentive model is the geographic uniformity of its relay locations.
In contrast, Nym uses economic incentives to ensure the system always scales to meet any increase in demand.