While there exist mixnets that can anonymously route large amounts of data packets with end-to-end latency that can be as low as a second, combining this level of performance with strong verifiability and reliability properties that ensure the correct processing and delivery of packets has proved challenging. Indeed, existing verifiability mechanisms are incompatible with scalable low-latency operation because they impose significant latency overheads measuring in minutes to hours, severely limiting the variety of applications mixnets can serve. We address this important gap by proposing a scheme that can estimate reliability scores for a mixnet's links and nodes in a decentralized manner with essentially optimal complexity that is independent of the total traffic routed through the mixnet. The scores can be computed publicly by all participants from a set of measurement packets that are eventually revealed and act as a random sample of the traffic, without affecting mixnet transmission latency for client packets or incurring significant bandwidth overhead. Our scheme assumes client credentials and relies on VRF-based routing, a novel primitive that ensures that legitimate client packets follow the routing policy of the mixnet, as well as randomly generating unforgeable measurement packets. We experimentally validate our construction both in unreliable and adversarial settings, demonstrating its feasibility.