Phantom Anonymity Protocol

The Phantom anonymity protocol was designed to provide anonymity optimized for the current conditions and needs of average users around the globe, and thus with an aim to have the possibility for mass adoption as a de facto anonymization standard. Many similar protocols like e.g. TOR does not take this perspective, and thus has not had any wider adoption among the masses. The aim with the Phantom protocol is to change this, and to provide secure anonymity to everyone, including the non-technical masses.

The protocol was created by the Swedish security researcher Magnus Bråding, and was first [http://www.defcon.org/html/defcon-16/dc-16-speakers.html#Brading presented] at the IT security and hacking conference DEFCON 16 in Las Vegas 2008.

Details

One of the most important aspects of the protocol is that it is completely distributed and decentralized, making it much more resilient to censorship and shut down than e.g. TOR.

The protocol design comes from eight important design goals, which are the following:

1. Completely decentralized.
- No critical or weak points to attack or put (il)legal pressure on.

2. Maximum resistance against all kinds of DoS attacks.
- Direct technical destructive attacks will practically be the only possible way to even attempt to stop it.

3. Theoretically secure anonymization.
- Probabilistic methods (contrary to deterministic methods) must be used in a completely decentralized design like this, where no other peer can be trusted, so focus is put on optimizing these methods.

4. Theoretically secure end-to-end transport encryption.
- This is simple in itself, but still important in the context of anonymization.

5. Completely (virtually) isolated from the "normal" Internet.
- No one should have to worry about crimes being perpetrated from their own IP address.

6. Maximum protection against identification of protocol usage through traffic analysis.
- You never know what the next draconian law might be.

7. Capable of handling larger data volumes, with acceptable throughput.
- Most existing anonymization solutions are practically unusable for (or even prohibit) larger data volumes.

8. Generic and well-abstracted design, compatible with all new and existing network enabled software.
- Software application developer participation should not be needed, it should be easy to apply the anonymization to both new and already existing products like e.g. web browsers and file transfer software.

External links

Detailed (but still easy to understand) information about the protocol, its background, motivations, design goals and design is available in the material from the conference, i.e. the [http://www.fortego.se/phantom-paper.pdf white paper] and the [http://www.fortego.se/phantom-pres.ppt presentation slides] (containing several pedagogical animations etc).

More current information, and a [http://groups.google.com/group/phantom-protocol discussion group] , [http://code.google.com/p/phantom/wiki/MainPage wiki] and [http://phantom-anon.blogspot.com/ blog] can also be found at the [http://code.google.com/p/phantom/ project website] .