\section{Attacks on the Infrastructure and Documents}

\subsection{Attacks on Documents or the Servnet}

\begin{itemize}
\item Attack the time-synchronization protocol to make files expire
earlier than expected. 

{\it Prevention:} We rely on the ability of servnet node operators to
maintain accurate or near-accurate time on their systems. Presumably, if
an adversary has the capacity to successfully attack a system's time
server or the link to the time server, then the adversary can mount other
attacks as well. Servnet node operators should bear this in mind, though,
since additional checks that bound how far the clock can be moved per
time period could well make Free Haven more robust.
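The bounded-adjustment check suggested above can be made concrete. The following Go fragment is an added illustration, not code from the Free Haven project: it keeps a correction budget that accrues at a fixed rate (here one second per hour, a constructed setting) and is capped, so a time source that tries to move the clock far in one step, or in many small steps in quick succession, is refused. Elapsed time is taken from the node's local monotonic clock, which a remote time source cannot influence. The type and field names are assumptions for this example.

```go
package main

import (
	"fmt"
	"time"
)

// ClockGuard bounds how far a time source may move a node's clock. A correction
// budget accrues at MaxDrift per Period (capped at Cap) and every accepted
// correction spends from it, so neither one large jump nor a burst of small
// ones can shift the clock by more than the configured rate.
// (Names and parameters are assumptions for this illustration.)
type ClockGuard struct {
	MaxDrift time.Duration // correction allowance earned per Period
	Period   time.Duration // interval over which MaxDrift is earned
	Cap      time.Duration // largest allowance that may be saved up
	Local    time.Time     // the node's time estimate as of the previous call
	budget   time.Duration // unspent correction allowance
}

// NewClockGuard starts with a full budget so the first sync can correct up to Cap.
func NewClockGuard(start time.Time, maxDrift, period, cap time.Duration) *ClockGuard {
	return &ClockGuard{MaxDrift: maxDrift, Period: period, Cap: cap, Local: start, budget: cap}
}

// Propose offers a time reported by the source. elapsed is the local monotonic
// time since the previous call. It returns the correction applied, or an error
// if the correction exceeds the current budget; in that case the local estimate
// still advances by elapsed, since the local clock kept ticking.
func (g *ClockGuard) Propose(proposed time.Time, elapsed time.Duration) (time.Duration, error) {
	if elapsed < 0 {
		return 0, fmt.Errorf("negative elapsed time %v", elapsed)
	}
	// Earn allowance in proportion to the time that actually passed.
	g.budget += time.Duration(float64(g.MaxDrift) * float64(elapsed) / float64(g.Period))
	if g.budget > g.Cap {
		g.budget = g.Cap
	}
	expected := g.Local.Add(elapsed)
	correction := proposed.Sub(expected)
	abs := correction
	if abs < 0 {
		abs = -abs
	}
	if abs > g.budget {
		g.Local = expected
		return 0, fmt.Errorf("time source proposed a %v correction after %v; budget is %v", correction, elapsed, g.budget)
	}
	g.budget -= abs
	g.Local = proposed
	return correction, nil
}

func main() {
	start := time.Date(2000, 1, 1, 0, 0, 0, 0, time.UTC) // constructed starting time
	g := NewClockGuard(start, time.Second, time.Hour, 5*time.Second)
	c, err := g.Propose(start.Add(10*time.Minute+2*time.Second), 10*time.Minute)
	fmt.Println("2s correction after 10min:", c, err)
	_, err = g.Propose(g.Local.Add(time.Minute+10*time.Second), time.Minute)
	fmt.Println("10s jump after 1min:", err)
}
```

A node that rejects a proposal should log it rather than silently ignore it: a run of rejections is itself a sign that the time source or the path to it is under attack.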

\item Go find a physical servnet node, and prosecute the owner based
on its contents.

{\it Prevention:} Because of the isolated-server document-anonymity
property that the Free Haven design provides, we
hope that the servnet operator will be able to claim plausible
deniability over knowledge of the data stored on his computer.

\item Physically destroy a servnet node, to attack the integrity of
the data in the network.

{\it Prevention:} Because we are breaking documents into shares and only
$k$ of $n$ shares are required to reconstruct the document, losing some fraction
of the servnet nodes should not affect availability of documents in the
system.

\item Claim that the servnet or mixnet concept is patented or
otherwise illegal.  Sue the Free Haven Project and any known node
administrators.

{\it Prevention:} We rely on the notion of jurisdictional arbitrage to
maintain the integrity of the servnet in the face of loss of some parts
of it due to legal or government attacks. Information illegal in one place is
frequently legal in others.  Global oppression of a piece of
information is relatively rare.  The content-neutral policies mean that there is
no reason to expect that the server operator has looked at the data he holds, which
might make it more difficult to prosecute.

\item Attack the generosity of individuals: increase the personal cost
of running a servnet or mixnet node, either by adding a monetary cost
to moving large quantities of data around, or by adding a bad
reputation such as ``harboring terrorist data and kiddie porn''.

{\it Prevention:} Owning a node of this
service is going to put an administrator in a potentially tricky
situation.  We rely on the Hacker ethic and a commitment to free
information flow to provide volunteers who believe these risks are
worthwhile.

\item Denial of service attack on the servnet: continued flooding of
queries for data or requests to join the servnet may use up all available
bandwidth and processing power for a node.

{\it Prevention:} In short, we must assume that our communications channel
has adequate protection and buffering against this attack. Most communications channels
we are likely to choose will not protect against this attack. This is a
real problem.

\item Trade until a sufficient fraction of an objectionable document is controlled by a group of
collaborating servers, and then destroy this document.

{\it Prevention:} We rely on the overall size of the servnet to make it
statistically unlikely for any given server or group of collaborating
servers to obtain a sufficient fraction of the shares of any given document.
We rely on the accountability from the buddy system to make it
unprofitable to destroy a share without also destroying its buddy.
This attack is actually more complicated than just hoping to possess enough
shares of a document at a given instant in time: adversaries can obtain
control over certain shares and then refuse to trade those shares away. This
means that an adversary might over time increase the fraction of the document
that he controls. The timing and frequency of trades must be modelled, based on
the expected size of the servnet, to choose parameters that prevent this attack.
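Both the node-destruction argument (a document survives while at least $k$ of its $n$ shares do) and the share-accumulation attack just described reduce to binomial tail probabilities, which is the kind of modelling the last sentence calls for. The Go program below is an added illustration, not part of the Free Haven design, and uses a deliberately simple model that is our assumption: shares sit on distinct nodes, each node is lost independently with probability \texttt{nodeLoss}, a colluding group controls a fraction \texttt{f} of the servnet, and in each trading round every honestly held share moves to a uniformly random node while the adversary never trades his away. Under that model the adversary holds each share with probability $1-(1-f)^{t}$ after $t$ rounds, and can destroy the document once he holds at least $n-k+1$ shares. The buddy system is not modelled here.

```go
package main

import (
	"fmt"
	"math"
)

// binomPMF returns P(X = i) for X ~ Binomial(n, p), evaluated in log space so
// that large n does not overflow the binomial coefficient.
func binomPMF(n, i int, p float64) float64 {
	switch {
	case i < 0 || i > n:
		return 0
	case p <= 0:
		if i == 0 {
			return 1
		}
		return 0
	case p >= 1:
		if i == n {
			return 1
		}
		return 0
	}
	lgN, _ := math.Lgamma(float64(n) + 1)
	lgI, _ := math.Lgamma(float64(i) + 1)
	lgNI, _ := math.Lgamma(float64(n-i) + 1)
	logChoose := lgN - lgI - lgNI
	return math.Exp(logChoose + float64(i)*math.Log(p) + float64(n-i)*math.Log(1-p))
}

// binomTail returns P(X >= m) for X ~ Binomial(n, p).
func binomTail(n, m int, p float64) float64 {
	if m <= 0 {
		return 1
	}
	total := 0.0
	for i := m; i <= n; i++ {
		total += binomPMF(n, i, p)
	}
	return total
}

// DocumentAvailability is the probability that a k-of-n document stays
// recoverable when each of its n nodes is destroyed independently with
// probability nodeLoss (assumed independent; correlated outages are worse).
func DocumentAvailability(k, n int, nodeLoss float64) float64 {
	return binomTail(n, k, 1-nodeLoss)
}

// AdversaryShareFraction is the probability that one share is adversary-held
// after `rounds` trading rounds under the model described in the lead-in.
func AdversaryShareFraction(f float64, rounds int) float64 {
	return 1 - math.Pow(1-f, float64(rounds))
}

// DestroyProbability is the probability that the colluding group holds at
// least n-k+1 shares, enough to make the document unrecoverable, after
// `rounds` trading rounds.
func DestroyProbability(k, n int, f float64, rounds int) float64 {
	return binomTail(n, n-k+1, AdversaryShareFraction(f, rounds))
}

func main() {
	fmt.Println(" k/n   avail(loss=.10) avail(loss=.30) | f=0.05: destroy after 1, 10, 50 rounds")
	for _, kn := range [][2]int{{3, 5}, {5, 10}, {10, 20}, {20, 40}} {
		k, n := kn[0], kn[1]
		fmt.Printf("%2d/%-2d  %.4f          %.4f          | %.2e  %.2e  %.2e\n", k, n,
			DocumentAvailability(k, n, 0.10), DocumentAvailability(k, n, 0.30),
			DestroyProbability(k, n, 0.05, 1), DestroyProbability(k, n, 0.05, 10),
			DestroyProbability(k, n, 0.05, 50))
	}
}
```

The table makes the paper's two points visible at once: for a fixed ratio $k/n$, larger $n$ drives the availability figure toward 1 under random node loss, while the destroy probability for a passive holder climbs steadily with the number of trading rounds, which is why trade frequency and share lifetime have to be chosen together.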

\item Conspire to make a cause ``unpopular''.  Convince servnet node
administrators that they don't want to be hosting data for these
unpopular causes, and that they should manually prune their data.

{\it Prevention:} We rely on the judgment of servnet administrators to choose
to support any and all content, if they can get away with it in their jurisdiction.
We rely on having enough servnet nodes in enough different jurisdictions that
organizations cannot conspire to bully a sufficient fraction of servers to make
Free Haven unusable.

\item Insert false shares of a file into the servnet.

This is not really an attack per se, because there is no such thing as a false share. 
Any set of bits at all is an acceptable share, if you can convince another node
to accept a trade for it and provide a receipt. On the other hand, 
trading away a share implies a contract to store some other share. Thus the ability
to insert shares, whether `false' or valid, is limited by the ability of that server
to provide space for the share it receives in return.

Altering (or `spoofing') a share cannot be done,
because the share contains a particular public key, and is signed by that key; without
knowledge of the original key which was used to create a set of shares, an adversary
cannot forge new shares for a given document.
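To show why altering or spoofing a share fails, here is an added example in Go (not the Free Haven implementation or its wire format): a share carries the document's public key and a signature by the matching private key over the key, the share indices and the payload, so any node can check it with no outside state. The share layout, field names and the choice of Ed25519 are assumptions for this illustration. Note the distinction the example draws: a share signed under some other key is internally valid, but its embedded key is a different document's identity, so it is not a share of the document the verifier is looking for.

```go
package main

import (
	"bytes"
	"crypto/ed25519"
	"crypto/rand"
	"encoding/binary"
	"fmt"
)

// Share is a simplified share format (an assumption for this illustration).
// The document's public key travels with the share and the signature covers
// every other field, so verification needs nothing beyond the share itself.
type Share struct {
	DocKey  ed25519.PublicKey // identifies the document and verifies the share
	Index   uint32            // which of the n shares this is
	Needed  uint32            // k, shares needed to reconstruct
	Total   uint32            // n, shares issued
	Payload []byte            // the share data itself
	Sig     []byte            // signature by the document's private key
}

// signedBytes serialises the fields the signature covers. All fixed-width
// fields precede the variable-length payload, so the encoding is unambiguous.
func (s *Share) signedBytes() []byte {
	buf := make([]byte, 0, ed25519.PublicKeySize+12+len(s.Payload))
	buf = append(buf, s.DocKey...)
	var hdr [12]byte
	binary.BigEndian.PutUint32(hdr[0:4], s.Index)
	binary.BigEndian.PutUint32(hdr[4:8], s.Needed)
	binary.BigEndian.PutUint32(hdr[8:12], s.Total)
	buf = append(buf, hdr[:]...)
	return append(buf, s.Payload...)
}

// NewShare builds and signs one share with the document's private key.
func NewShare(priv ed25519.PrivateKey, index, needed, total uint32, payload []byte) *Share {
	s := &Share{
		DocKey:  priv.Public().(ed25519.PublicKey),
		Index:   index,
		Needed:  needed,
		Total:   total,
		Payload: append([]byte(nil), payload...),
	}
	s.Sig = ed25519.Sign(priv, s.signedBytes())
	return s
}

// VerifyShare checks the share under the key it carries. Length checks come
// first because ed25519.Verify panics on a malformed public key.
func VerifyShare(s *Share) bool {
	if len(s.DocKey) != ed25519.PublicKeySize || len(s.Sig) != ed25519.SignatureSize {
		return false
	}
	return ed25519.Verify(s.DocKey, s.signedBytes(), s.Sig)
}

// IsShareOf reports whether s is a valid share of the document identified by
// docKey. A share that verifies under some other key belongs to some other
// document, so the key comparison is part of the check.
func IsShareOf(s *Share, docKey ed25519.PublicKey) bool {
	return VerifyShare(s) && bytes.Equal(s.DocKey, docKey)
}

func main() {
	docPub, docPriv, _ := ed25519.GenerateKey(rand.Reader)
	s := NewShare(docPriv, 1, 3, 5, []byte("constructed share payload"))
	fmt.Println("genuine share:", IsShareOf(s, docPub))

	tampered := *s
	tampered.Payload = []byte("altered payload")
	fmt.Println("altered share:", IsShareOf(&tampered, docPub))

	_, otherPriv, _ := ed25519.GenerateKey(rand.Reader)
	other := NewShare(otherPriv, 1, 3, 5, []byte("payload under another key"))
	fmt.Println("other key, self-consistent:", VerifyShare(other))
	fmt.Println("other key, share of this document:", IsShareOf(other, docPub))
}
```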

\end{itemize}

\subsection{Attacks on Anonymity}

In addition to the above attacks which focus on reducing availability of
documents within Free Haven, there are also a number of attacks which
focus on increasing knowledge of the identity of one of the agents in
Free Haven.

\begin{itemize}
\item Attacks to determine the identity of a reader include:

\begin{itemize}
\item Spread a Trojan horse, worm, or virus and look for signs that
somebody has been infected.
\item Develop a customized virus which automatically contacts a given
host upon execution.
\item Become a server, and provide extra information for document
responses.  We hope the mixnet will protect against most attacks of
this sort, but the mixnet cannot protect against end-to-end attacks.
\item Become a node on both the servnet and the mixnet, and attempt
an end-to-end attack, such as correlating message timing with document
requests.
\item Include mime-encoded URLs in a document, and exploit
reader software to automatically load these URLs.
\item Offer a large sum of money for information leading to readers of
a given document.
\item Attack to find people interested in a particular document:
claim to have one, and see who requests it.
\item Become a server, and simply monitor queries and record the
source of each query.
\item Correlate readers based on the material they download; try to
build statistical profiles and match them to people (outside Free Haven)
based on activity and preferences. This would develop into a directed
marketing campaign similar to Amazon's: ``People who have downloaded
this share may also like the following shares.''
This last attack is perhaps the most insidious one,
since corporations with a lot of resources might want to take advantage
of internet publication services to gain more information about users;
we prevent this attack by using each reply block for only one transaction.
\end{itemize}

\item Attacks to determine the identity of a server include:

\begin{itemize}
\item Create unusually large shares, and try to reduce the set of known
servers who might have the capacity to store such shares. This attacks
the partial anonymity of these servers.
\item Spread a Trojan horse or worm which looks for Free Haven servers
and examines or reports which shares they are currently storing.
\item Become a servnet node, and collect information as other nodes
send us mail or lists of nodes.
\item Attempt to map servnet topology, and correlate nodes that are
`close' in the servnet with nodes that are `close' geographically.
\item Become a node on the mixnet, and attempt to correlate message
timing with trade requests or trust broadcasts.
\item Offer a large sum of money for information leading to the current
location of a given document or share in the Servnet.
\end{itemize}

\item Attacks to determine the identity of a publisher include:

\begin{itemize}
\item Become a server and log publishing acts. Correlate source or timing.
\item Look at servers who might recently have published a document, and try
to determine who has been communicating with them recently.
\item Offer a large sum of money for information leading to the current
location of a given document or share in the Servnet.
\end{itemize}
\end{itemize}

We avoid or reduce the threat of many of these attacks by using a mixnet
for our communications. This prevents most or all adversaries from
being able to determine the source or destination of a given message,
or correlate either endpoint of a set of messages. Other attacks,
including social attacks, are much more difficult to anticipate and
protect against. Agents and users who follow the protocol and use basic
common sense will be more likely to maintain their anonymity.

