Nym (mixnet)

From Wikipedia, the free encyclopedia
Developer(s): Nym Technologies
Initial release: December 2019
Stable release: v2025.2 "Hu" / February 2025
Preview release: v2025.3 "Ruta" / February 2025
Repository: github.com/nymtech/nym
Written in: Rust
Operating system: Linux
Available in: English
Type: Anonymity
License: GNU General Public License version 3
Website: nym.com

Nym is an evolving mix network (mixnet), a type of computer network infrastructure for privacy that masks user metadata, separating source and destination IP addresses.[1][2][3][4][5] It anonymizes various types of communication, including messaging, file transfers, payment transactions, and web browsing on basic websites.[6] The project is built on free and open-source software and is decentralized, maintained by a distributed set of independent nodes worldwide.

Nym is sometimes compared to anonymity networks such as Tor and I2P,[7][8][9][10][11] although it differs in some aspects. Unlike these, Nym does not support hidden services (e.g. .onion sites on Tor or eepsites on I2P).[12]

Data packets sent through the Nym mixnet are encrypted in multiple layers and routed through a series of nodes, including an entry gateway, three "mix nodes", and an exit gateway to the internet. To mitigate traffic analysis risks, packets are standardized to a uniform size, mixed with cover traffic, and transmitted with randomized timing to obscure traffic patterns.[13] These methods aim to make it more difficult for adversaries with broad surveillance capabilities to correlate incoming and outgoing data flows.[14]

Users can interact with the network via "NymVPN", a client application, or integrate Nym functionality into third-party applications using its software development kit (SDK).

History

The concept of a mix network (mixnet) was introduced by David Chaum in 1979 and later published in 1981.[15] The cypherpunk movement contributed to the development of mixnets in the 1990s, though their practical applications remained limited, primarily in the form of anonymous remailers. In the 2000s, some anonymous communication networks—most notably Tor—incorporated principles of mixnets, though Tor itself is based on onion routing rather than a mixnet implementation.

The Nym mixnet originates from two Horizon 2020 research projects funded by the European Commission following the revelations on mass internet surveillance by the U.S. and U.K. governments:[6][8] Panoramix[16][17] (2015–2019) and NEXTLEAP[18][19] (2016–2018). These projects contributed to advancements in mixnet technologies, leading to the foundations of Nym in 2017:

  • Harry Halpin, then a computer scientist at INRIA, conceived of the idea after a discussion with Adam Back in 2017 on how to improve online privacy through a decentralized computing network that could take advantage of spare computing power to mix packets.[20]
  • Cryptographers Ania Piotrowska and George Danezis of University College London (UCL) introduced the "Loopix"[21] architecture, which influenced Nym.[6][8] Loopix integrated existing privacy-enhancing techniques to strengthen mixnet properties, including "Sphinx" packet format,[22] cover traffic,[23] exponential mixing delays,[24] a layered network topology, and Poisson-process-based packet transmission.

In 2018, Harry Halpin white-boarded the idea to Moxie Marlinspike and Trevor Perrin of Signal and decided to launch Nym. An alpha version of Nym was presented at the 36th Chaos Communication Congress (36C3) in December 2019.[13][25] In February 2021, a white paper[26] co-authored by Harry Halpin, Claudia Diaz (KU Leuven), and Aggelos Kiayias provided details on Nym’s technical and operational design.

In 2021, Chelsea Manning, a former U.S. Army intelligence analyst and whistleblower, conducted a security audit of Nym[27] to identify potential vulnerabilities. In January 2022, she joined the Nym development team[28][29] as a security consultant and public relations advisor.

The launch of the live Nym network took place on April 14, 2022, at Station F in Paris,[30] with Edward Snowden as a keynote speaker. In June 2022, Claudia Diaz, Harry Halpin, and Aggelos Kiayias introduced a reward-sharing scheme designed to incentivize operators within mix networks.[31] As of February 2025, the Nym mixnet remains under active development.

Stakeholders

Nym is structured around a mix network architecture,[26] incorporating three primary roles: users, node operators, and validators. The network operates on an incentive-driven economic model designed to maintain its functionality and decentralization.[11][32][33]

  • Users send network traffic through Nym to enhance the privacy of their online activities and communications.
  • Node operators manage two types of node roles:
    • Gateways act as entry and exit points to the network. They verify whether a user has access credentials and forward packets either to the inner "mix nodes" (entry gateways) or to the internet (exit gateways).
    • Mix nodes, which process traffic by decrypting and mixing packets before forwarding them, ensuring that communication patterns are obfuscated.
  • Anyone with technical expertise can download the Nym server software and become an operator, similar to how Tor relays function.[34] A decentralized reward and reputation system is used to monitor operators, with the goal of promoting network stability and efficiency.
  • Validators maintain a distributed ledger that stores public information about active nodes and their rewards. They also issue anonymous access credentials using zero-knowledge proofs and digital signatures, allowing users to authenticate without revealing their identity.

A utility token serves two primary purposes:[8]

  1. Compensating operators and validators for contributing to network infrastructure, ensuring the network adapts to user demand.
  2. Maintaining network quality through:
    • A reputation system that prioritizes high-performance operators based on reliability, speed, and latency.
    • Mitigation of Sybil attacks by making it resource-intensive for malicious entities to gain control over a significant portion of the network.

This architecture is designed to support a decentralized governance model, where incentives align with privacy preservation and network security.

Technical architecture

Access control

Initial access to the network is managed through anonymous access credentials, whose usage is unlinkable from payment,[35] and digital signatures. This cryptographic approach enables users to authenticate their access rights to each node without disclosing any identifiable information, thereby enhancing the network's privacy.

Network architecture with dynamic reconfiguration

The Nym mixnet consists of a five-layer network architecture, maintained by independent node operators.

  • Entry gateways: The first layer consists of entry gateways, which serve as access points to the network. Users can select a gateway based on criteria such as reputation, performance, or geographic location.
  • Three layers of mix nodes: The core of the mixnet consists of three layers of mix nodes, structured in a stratified architecture. This design is intended to balance privacy protection, network resilience, and efficiency in maintaining inter-node connections.[36]
  • Exit gateways: The final layer consists of exit gateways, which forward traffic to the public internet. Users can select an exit gateway similarly to how they choose an entry one.

The topology of the three mixing layers is updated hourly to improve privacy. Before the start of each epoch:

  • A subset of mix nodes is selected to route network traffic, based on a reputation system that evaluates quality of service metrics.
  • The selected nodes are then randomly assigned to different layers, reducing the risk of malicious actors strategically positioning themselves within the network to monitor or manipulate traffic.

Privacy-preserving mechanisms

Nym employs several privacy-enhancing techniques to protect both the content of communications and associated metadata.[2][3] Metadata can reveal information about user activity and communication patterns, making it a target for traffic analysis and mass surveillance. The mixnet aims to resist global adversaries with significant resources, including those capable of network-wide monitoring, cryptanalysis, advanced statistical analysis, or active participation through malicious nodes.[36]

  • Uniform packet size: Messages transmitted through the mixnet are divided into fixed-size packets using the "Sphinx"[22] packet format. Standardizing packet sizes helps prevent traffic correlation attacks based on message length.
  • Layered encryption: Similar to onion encryption in Tor, each packet is encapsulated in five layers of encryption. As packets traverse the network, each node decrypts only its assigned layer before forwarding the packet. The final node in the sequence is the only one that knows the ultimate destination of the packet.
  • Randomized packet transmission: Packets are emitted by the user at random intervals, following a Poisson process.
  • Cover traffic injection: Users generate and send dummy packets to accompany real messages. This prevents adversaries from identifying active communication and makes correlation attacks more difficult.
  • Temporal reordering at mix nodes: Following the standard mix network model, each mix node introduces random delays (following an exponential distribution) and reorders packets before forwarding, rather than forwarding them when they become available. This also aims to disrupt timing correlation between packet input and output, making traffic analysis more challenging.
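
A simplified model of the sending and mixing behaviour listed above, as an added example that is not Nym's code: one client emits on a single Poisson stream (a queued real packet if one is waiting, a cover packet otherwise), and three mix layers each hold every packet for an independent exponential delay. The rates, delays, seed and function names are assumptions chosen for illustration.

```python
import random

def client_emissions(real_ready_times, rate, duration, seed):
    """Emit one packet per Poisson tick: a queued real packet if any, else cover.

    Tick times depend only on `rate` and the RNG, never on the queue, so a wire
    observer sees the same process whether or not the user is active.
    """
    rng = random.Random(seed)
    pending = sorted(real_ready_times)
    t, sent = 0.0, []
    while True:
        t += rng.expovariate(rate)        # exponential gaps => Poisson process
        if t > duration:
            return sent
        if pending and pending[0] <= t:
            pending.pop(0)
            sent.append((t, "real"))
        else:
            sent.append((t, "cover"))     # dummy packet fills the slot

def exponential_delay(mean):
    """Per-hop delay drawn from an exponential distribution (the mixing case)."""
    return lambda rng: rng.expovariate(1.0 / mean)

def constant_delay(value):
    """Per-hop fixed delay: plain store-and-forward, used here as the baseline."""
    return lambda rng: value

def traverse_mixes(sent, delay, layers=3, seed=0):
    """Add one independent delay per mix layer; return packets in exit order."""
    rng = random.Random(seed)
    exits = []
    for entry_pos, (t, kind) in enumerate(sent):
        for _ in range(layers):
            t += delay(rng)
        exits.append((t, entry_pos, kind))
    return sorted(exits)

def reordered_fraction(exits):
    """Share of packets whose exit position differs from their entry position."""
    moved = sum(1 for exit_pos, (_, entry_pos, _) in enumerate(exits)
                if exit_pos != entry_pos)
    return moved / len(exits) if exits else 0.0

def demo():
    # Constructed workload: an idle user and one with 40 real packets queued.
    idle = client_emissions([], rate=5.0, duration=60.0, seed=7)
    busy = client_emissions([0.5 * i for i in range(40)],
                            rate=5.0, duration=60.0, seed=7)
    return {
        "same_wire_timing": [t for t, _ in idle] == [t for t, _ in busy],
        "real_sent": sum(kind == "real" for _, kind in busy),
        "fifo_reordered": reordered_fraction(
            traverse_mixes(busy, constant_delay(0.5))),
        "mixed_reordered": reordered_fraction(
            traverse_mixes(busy, exponential_delay(0.5))),
    }

if __name__ == "__main__":
    print(demo())
```

The idle and busy clients produce identical send times, which is the property cover traffic is meant to provide; the constant-delay baseline preserves packet order, while exponential delays do not.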

Cryptographic mechanisms

Nym employs open-source cryptographic protocols such as WireGuard and the Noise Protocol Framework[37] to enable secure and anonymous packet transmission. The client establishes a secure communication channel with an entry gateway and then encrypts each packet in five layers—one for the exit gateway, three for the mix nodes, and one for the entry gateway. As the packet traverses the network, each node decrypts only its designated layer, before forwarding it to the next node.

To initiate communication, the client selects an entry gateway and establishes a secure channel using:

Before transmission, the client encrypts each packet in five successive layers, corresponding to the nodes it will traverse:

  • Three mix nodes and exit gateway: A four-layer "Sphinx"[22] packet encryption:
    • Packet headers are encrypted using AES-CTR (stream cipher mode).
    • Packet contents are encrypted using Lioness Wide Block Cipher.[22]
  • Entry gateway: The outermost encryption layer is secured using AES-GCM 256-bit for confidentiality and integrity purposes.

According to Nym’s 2025 roadmap, plans exist to integrate post-quantum cryptographic resistance as the development team has proposed replacing the Sphinx packet format with a new, lighter format known as “Outfox”,[38] which is intended to optimize network efficiency while maintaining strong anonymity guarantees.

Research and Development (R&D)

The mixnet originates from academic research, with technologies associated with the project regularly presented at scientific conferences[39] in cybersecurity and cryptography, including USENIX,[21][40][41] NDSS,[42][43][44] and Privacy Enhancing Technologies Symposium (PETS).[45][46][47][48][49][50] The project continues to be developed in collaboration with research institutions, such as KU Leuven (through the COSIC[51] research group) and EPFL (via the SPRING[52] lab). Several other research teams working on privacy-enhancing technologies, cryptography, and decentralized systems have published research articles covering the Nym mixnet design.[53][54][55][56]

The development of Nym is guided by a scientific advisory board and external advisors,[57] comprising researchers and practitioners in computer science, networking, cryptography, and privacy protection. Notable members include:

Practical considerations

User experience

Users can access the Nym mixnet through the "NymVPN" client, which is available with both a graphical interface and a command-line interface, or by integrating the network into third-party applications using software development kits (SDKs). The privacy features of Nym share similarities with Virtual Private Networks (VPNs) and Tor, particularly in masking the user’s IP address and obfuscating their location. Additionally, Nym is designed to conceal metadata, a factor often exploited in mass surveillance and traffic analysis systems.

Adoption challenges

Independent tests[62][63] conducted by technology media in 2024–2025 indicate that, in practice, the Nym mixnet introduces noticeable latency, which limits its suitability for real-time applications and mainstream adoption–unlike more widely used privacy-enhancing technologies developed over the past decade, such as Brave for private browsing, Proton Mail for encrypted email, and DuckDuckGo for anonymous search. Mixnets are considered more appropriate for latency-tolerant use cases, such as messaging, emailing, data transfers, batch processing, and IoT applications.

Privacy properties

While the Nym mixnet aims to offer enhanced privacy features, researchers acknowledge that privacy-enhancing technologies and surveillance methods evolve over time, leading to a continuous adaptation between anonymization techniques and traffic analysis strategies.[6] An emerging technology, mixnets such as Nym have yet to be extensively validated on a large scale.

More specifically, research has identified several potential vulnerabilities in the “Loopix” mixnet architecture, which serves as the foundation for Nym. These concerns include susceptibility to traffic analysis, the possibility for entry gateways to discern user information, the substantial amount of cover traffic required to ensure the claimed privacy properties, and the risks of exposure to malicious service providers, including complete paths being compromised.[48][56]

Security properties

The Nym software, which powers the network, is open-source and distributed under the GPLv3 license. Its source code is publicly available on GitHub, allowing for independent review and audits by the security community. Nym has undergone several security audits, including by cryptographer Jean-Philippe Aumasson (2021), Oak Security (2023),[64] Cryspen (2023–2024) and Cure53 (2024).[65] However, it does not currently have a public bug bounty program to encourage the reporting of vulnerabilities.

Energy consumption

Mix networks enhance user privacy by employing multi-layered encryption and routing data through 5-hop connections. This process introduces additional computational overhead compared to single-hop connections, increasing energy consumption. The generation of cover traffic—artificial packets designed to obfuscate real data flows—further increases data transmission volumes and energy usage. Some analyses suggest that this overhead could be up to ten times greater than that of traditional internet traffic.[6]

See also

  • "The Future of Privacy on The Internet - Nym launch with Harry Halpin and Edward Snowden in Paris" (video). youtube.com. Nym. April 15, 2022.

References

  1. ^ Ehrlich, Steven. "Your VPN May Not Be Private. This Blockchain Startup Nym Has A Fix". Forbes. Retrieved 2025-02-21.
  2. ^ a b Risen, James; Poitras, Laura (2013-09-28). "N.S.A. Gathers Data on Social Connections of U.S. Citizens". The New York Times. ISSN 0362-4331. Retrieved 2025-02-21.
  3. ^ a b Ball, James (2013-09-30). "NSA stores metadata of millions of web users for up to a year, secret files show". The Guardian. ISSN 0261-3077. Retrieved 2025-02-21.
  4. ^ Szoldra, Paul. "Leaked NSA document says metadata collection is one of agency's 'most useful tools'". Business Insider. Retrieved 2024-07-24.
  5. ^ Chiara Castro (2024-10-08). "Metadata privacy matters – and this VPN promises to help". TechRadar. Retrieved 2025-02-21.
  6. ^ a b c d e Volpicelli, Gian M. "This startup is working to bring full anonymity to the internet". Wired. ISSN 1059-1028. Retrieved 2025-02-23.
  7. ^ Andreas Kramer, Filip Rezabek, Richard von Seck (June 2023). "Recent Advancements in Privacy Preserving Network Layer Approaches" (PDF). Retrieved 16 February 2025.
  8. ^ a b c d Lomas, Natasha (2021-07-16). "Nym gets $6M for its anonymous overlay mixnet to sell privacy as a service". TechCrunch. Retrieved 2025-02-23.
  9. ^ "The Differences Between Onion Routing and Mix Networks - ritter.vg". ritter.vg. Retrieved 2025-02-21.
  10. ^ Stuart Burns (2024-12-31). "The 3 biggest VPN innovations of 2024 – what does the future hold?". TechRadar. Retrieved 2025-02-21.
  11. ^ a b Beuth, Patrick (2021-11-29). "Meinung: Nym versus Tor: Das neue Darknet aus der Schweiz". Der Spiegel (in German). ISSN 2195-1349. Retrieved 2025-02-23.
  12. ^ "Alternative Networks - Privacy Guides". www.privacyguides.org. Retrieved 2025-02-21.
  13. ^ a b Brühl, Jannis (2022-02-25). "Harry Halpin hat einen Plan für das Internet". Süddeutsche.de (in German). Retrieved 2025-02-23.
  14. ^ Chiara Castro (2024-10-08). "Metadata privacy matters – and this VPN promises to help". TechRadar. Retrieved 2025-02-21.
  15. ^ Chaum, David L. (1981-02-01). "Untraceable electronic mail, return addresses, and digital pseudonyms". Commun. ACM. 24 (2): 84–90. doi:10.1145/358549.358563. ISSN 0001-0782.
  16. ^ "Home - H2020 | Panoramix". Retrieved 2025-02-21.
  17. ^ "Privacy and Accountability in Networks via Optimized Randomized Mix-nets | PANORAMIX Project | Fact Sheet | H2020". CORDIS | European Commission. Retrieved 2025-02-21.
  18. ^ "home | NEXTLEAP". nextleap.eu. Retrieved 2025-02-21.
  19. ^ "NEXTLEAP | NEXTLEAP Project | Fact Sheet | H2020". CORDIS | European Commission. Retrieved 2025-02-21.
  20. ^ Nadis, Steve (October 18, 2022). "The Computer Scientist Who's Boosting Privacy on the Internet". Quanta Magazine. Retrieved 11 March 2025.
  21. ^ a b Piotrowska, Ania M.; Hayes, Jamie; Elahi, Tariq; Meiser, Sebastian; Danezis, George (2017). The Loopix Anonymity System. pp. 1199–1216. ISBN 978-1-931971-40-9.
  22. ^ a b c d Danezis, George; Goldberg, Ian (2008), Sphinx: A Compact and Provably Secure Mix Format, 2008/475, retrieved 2025-02-21
  23. ^ "Heartbeat Traffic to Counter (n-1) Attacks" (PDF). Wpes'03. ACM. October 30, 2003 – via Free Haven.
  24. ^ "Stop-And-Go-MIXes Providing Probabilistic Anonymity in an Open System" (PDF) – via Free Haven.
  25. ^ "Vortrag: Nym | Saturday | Programm CDC at 36C3". frab.riat.at. Retrieved 2025-02-21.
  26. ^ a b "The Nym Network - The Next Generation of Privacy Infrastructure" (PDF). nym.com. February 26, 2021. Retrieved February 21, 2025.
  27. ^ Castillo, Michael del. "Chelsea Manning Is Back, And Hacking Again, Only This Time For A Bitcoin-Based Privacy Startup". Forbes. Retrieved 2025-02-21.
  28. ^ "Chelsea Manning dances with the crypto devil". POLITICO. 2022-05-31. Retrieved 2025-02-21.
  29. ^ "Chelsea Manning : « Maintenant, décrire la réalité est considéré comme un acte criminel »" (in French). 2022-10-18. Retrieved 2025-02-23.
  30. ^ Nym (2022-04-15). The Future of Privacy on The Internet - Nym launch with Harry Halpin and Edward Snowden in Paris. Retrieved 2025-02-21 – via YouTube.
  31. ^ Diaz, Claudia; Halpin, Harry; Kiayias, Aggelos (2022-06-13). "Reward Sharing for Mixnets". Cryptoeconomic Systems. 2 (1). doi:10.21428/58320208.00acf460. hdl:20.500.11820/775c695b-c52f-474e-9016-ec68ce28cd9b.
  32. ^ Bambysheva, Nina. "Andreessen Horowitz Leads Investment In Privacy Startup Integrating With Bitcoin". Forbes. Retrieved 2025-02-23.
  33. ^ "Worried About Digital Privacy? VPNs and Tor Aren't Enough Anymore". PCMAG. 2024-11-04. Retrieved 2025-02-21.
  34. ^ "The New Guide to Running a Tor Relay | Tor Project". blog.torproject.org. Retrieved 2025-02-21.
  35. ^ Halpin, Harry (2020). "Nym Credentials: Privacy-preserving decentralized identity with blockchains". IEEE Crypto Valley Conference on Blockchain Technology. doi:10.1109/CVCBT50464.2020.00010.
  36. ^ a b "Mixnet Research Review" (PDF). April 15, 2024. Retrieved February 21, 2025.
  37. ^ "Up-to-date cryptography". nym.com. Retrieved 2025-02-21.
  38. ^ Rial, Alfredo; Piotrowska, Ania M. (2024-12-27), Outfox: a Packet Format for a Layered Mixnet, arXiv:2412.19937
  39. ^ "Computer Security & Cryptography - Google Scholar Metrics". scholar.google.com. Retrieved 2025-02-21.
  40. ^ Leibowitz, Hemi; Piotrowska, Ania M.; Danezis, George; Herzberg, Amir (2019). No Right to Remain Silent: Isolating Malicious Mixes. pp. 1841–1858. ISBN 978-1-939133-06-9.
  41. ^ Kohls, Katharina; Diaz, Claudia (2022). VerLoc: Verifiable Localization in Decentralized Systems. pp. 2637–2654. ISBN 978-1-939133-31-1.
  42. ^ "On the Anonymity of Peer-To-Peer Network Anonymity Schemes Used by Cryptocurrencies". NDSS Symposium. Retrieved 2025-02-21.
  43. ^ "LARMix: Latency-Aware Routing in Mix Networks". NDSS Symposium. Retrieved 2025-02-21.
  44. ^ "NDSS Symposium 2025 Accepted Papers". NDSS Symposium. Retrieved 2025-02-21.
  45. ^ Troncoso, Carmela; Isaakidis, Marios; Danezis, George; Halpin, Harry (2017). "Systematizing Decentralization and Privacy: Lessons from 15 Years of Research and Deployments". Proceedings on Privacy Enhancing Technologies (4): 404–426. arXiv:1704.08065. doi:10.1515/popets-2017-0056. ISSN 2299-0984.
  46. ^ Guirat, Iness Ben; Diaz, Claudia (2022). "Mixnet optimization methods". Proceedings on Privacy Enhancing Technologies. ISSN 2299-0984.
  47. ^ Rial, Alfredo; Piotrowska, Ania M. (2023). "Compact and Divisible E-Cash with Threshold Issuance". Proceedings on Privacy Enhancing Technologies (4): 381–415. arXiv:2303.08221. doi:10.56553/popets-2023-0116. ISSN 2299-0984.
  48. ^ a b Oldenburg, Lennart; Juarez, Marc; Rúa, Enrique Argones; Diaz, Claudia (2024). "MixMatch: Flow Matching for Mixnet Traffic". Proceedings on Privacy Enhancing Technologies (2): 276–294. doi:10.56553/popets-2024-0050. ISSN 2299-0984.
  49. ^ Guirat, Iness Ben; Das, Debajyoti; Diaz, Claudia (2024). "Blending Different Latency Traffic With Beta Mixing". Proceedings on Privacy Enhancing Technologies. ISSN 2299-0984.
  50. ^ Das, Debajyoti; Diaz, Claudia; Kiayias, Aggelos; Zacharias, Thomas (2024). "Are continuous stop-and-go mixnets provably secure?". Proceedings on Privacy Enhancing Technologies (4): 665–683. doi:10.56553/popets-2024-0136. ISSN 2299-0984.
  51. ^ "About us". COSIC. 2025-03-31. Retrieved 2025-02-21.
  52. ^ "SPRING - Student Projects". spring.epfl.ch. Retrieved 2025-02-21.
  53. ^ Infeld, Ewa J.; Stainton, David; Ryge, Leif; Hacker, Threebit (2025-01-07), Echomix: a Strong Anonymity System with Messaging, arXiv:2501.02933
  54. ^ Kocaoğullar, Ceren; Hugenroth, Daniel; Kleppmann, Martin; Beresford, Alastair R. (May 2024). "Pudding: Private User Discovery in Anonymity Networks". 2024 IEEE Symposium on Security and Privacy (SP). pp. 3203–3220. arXiv:2311.10825. doi:10.1109/SP54263.2024.00167. ISBN 979-8-3503-3130-1.
  55. ^ "Kerblam — Anonymous Messaging System Protecting Both Senders and Recipients - An anonymous post-office without mailboxes" (PDF). Retrieved February 21, 2025.
  56. ^ a b "Stopping Silent Sneaks: Defending against Malicious Mixes with Topological Engineering" (PDF).
  57. ^ "About Us | Nym". nym.com. Retrieved 2025-02-21.
  58. ^ "Karthikeyan Bhargavan". bhargavan.info. Retrieved 2025-02-21.
  59. ^ a b "The Levchin Prize for Real-World Cryptography". rwc.iacr.org. Retrieved 2025-02-21.
  60. ^ "Classic McEliece: Intro". classic.mceliece.org. Archived from the original on 2025-01-17. Retrieved 2025-02-21.
  61. ^ "BCS Lovelace Medal | BCS". www.bcs.org. Retrieved 2025-02-21.
  62. ^ Sam Dawson (2024-10-03). "NymVPN review". TechRadar. Retrieved 2025-02-23.
  63. ^ Editor, Assistant; PCWorld. "NymVPN review: An innovative decentralized VPN with some work to do". PCWorld. Retrieved 2025-02-23.
  64. ^ "audit-reports/Nym/2023-03-27 Audit Report - Nym Mixnet and Vesting Contracts v1.0.pdf at main · oak-security/audit-reports" (PDF). GitHub. Retrieved 2025-02-23.
  65. ^ "Audit-Report Nym Mobile & Desktop, VPN, Infra & Cryptography 07.2024" (PDF). Cure 53. July 2024. Retrieved February 23, 2025.