Anonymizer
An anonymizer or anonymizing service is a system that helps users to maintain their anonymity on the Internet, especially the World Wide Web. They should thus help to preserve privacy and security when browsing. In their function, they resemble remailers, which are used to anonymize emails.
Simple anonymizer
An anonymizer is connected as a so-called proxy or a virtual private network (VPN ) between the user and the target computer. Since the proxy / VPN instead of the user communicates with the target computer, the connection to the original user can not be traced easily. There is, however, necessary that the proxy is truly anonymous and not like a regular proxy per head data tells you that the request comes from a proxy and which client requests.
Typically, the flow of data between user and anonymizer is encrypted to prevent interception of the call between the user and the proxy. It is assumed that as many users use the same proxy at the same time so that individual connections can not be assigned to specific users.
Many well-known anonymizers rely on the SSL or SOCKS protocol and can therefore be used with a variety of applications.
Mix Cascades
For systems with only one proxy server security depends on the trustworthiness of the proxy computer. If this corrupted or he deliberately works against the user, the entire system is affected.
Modern anonymizer therefore rely on a plurality of cascaded proxies, so-called mix cascades. Here the data is encrypted several times and passed through several computers, where each computer encryption is decrypted. Only at the end of the mix cascade the data is readable. Since the connection data of different users are shuffled at each stage of the cascade, but an unambiguous assignment is impossible. Only an attacker who controls all the computers in a mix cascade, can monitor the traffic. Even if only a single mix remains intact, the overall system remains secure.
Anonymous P2P networks or mix networks
But even with mix cascades one has no guarantee that the various operators do not cooperate but, even if they are located in different jurisdictions. 100 % sure that will not be logged, you can only be when the anonymity service itself (ie a Mixknoten ) operates, and so the traffic of others and his own mixes and anonymous. So now you also get traffic from other, they must know their knots and can route their data stream by him. This is the philosophy Mix networks are based, such as the P2P anonymous network I2P: Each participant in the network to route external traffic and mixes it with his own, which he at the same time turn by other participants of the network can forward ( via so-called "tunnel "). Since the data but by default not leave the I2P network, they are end - to-end encrypted and by the participants (nodes) are forwarded only, the forwarding nodes are not associated with the activities of the user.