[Cryptography] traffic analysis

John Denker jsd at av8n.com
Mon Jan 26 16:43:22 EST 2015


On 01/26/2015 06:17 AM, StealthMonger wrote:

> Tor is not anonymous

OK.... but the same can be said for lots of other
things, as we now discuss.

Every so often the pointy-haired boss asks "Is 
it secure if we do ...." and the answer is always 
"No."  It is not necessary to wait for the end 
of the question.

> The only way I know to stay anonymous is to use chains of anonymizing
> remailers 

Still not secure.  If you want to argue that it is
somewhat less insecure, the devil is in the details.

> Expect about 30 mails, spread over maybe a day.

Suppose a typical HTTP session lasts half a minute.
There are 1440 minutes a day.  Other things being
equal, remailing degrades the adversary's signal-
to-noise ratio by a factor of less than 1^12.  If 
you think the number of people using the anonymous 
remailer network that day is less than the number 
of people using tor, the gain is even less.

With modern ciphers we are accustomed to seeing
work factors on the order of 2^81.  At that point
I reckon the adversaries are not going to bother 
with a direct attack.  Instead they will use other
tricks, such as traffic analysis.  A work factor
of 2^11 is not enough to stop the attack.  Mostly
you're just calling attention to yourself.

This is not fixed by using tor.  It is also not 
fixed by using HTTP GET instead of HTTP POST.
It is not fixed by using remailers.  Fixing this
is really, really hard ... but it has to be done.

The only defense I know of against traffic analysis
is cover traffic, and lots of it.  Suppose every
hour on the hour I transmit a 1000-byte encrypted
message.  Most of them say "Wait."  Once in a very 
long while, one of them says "Barrage at 04:00,
paratroops land at 05:00, amphibious landings at 
06:00, capture the bridge, hold until relieved."
Without a rigorous regimen of cover traffic, the 
special message would stick out like a sore thumb.

Things like remailers and tor rely on hiding a
tree in a forest.  This works best if the trees
are indistinguishable.  Otherwise it becomes (at 
most) a statistics problem.  The NSA is reeeally
good at statistics.  Quoting Ed Snowden:  Assume 
your adversary is capable of a trillion guesses 
per second.

----------
Amusing story about remailers and the limitations
thereof:
  http://calteches.library.caltech.edu/34/3/FeynmanLosAlamos.htm
Search for the word "ticket".

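
An added illustration of the cover-traffic regimen described in the message above (not part of the original post): a sender that emits one fixed-size frame per slot, so the eavesdropper's view of (time, size) is the same whether or not a real message was sent. The frame layout and the names `make_frame`, `transmit` and `receive` are assumptions made for this sketch; encryption is assumed to happen after framing and is not implemented here.

```python
import struct
from collections import deque

FRAME = 1000                # bytes per transmission, as in the post
SLOT = 3600                 # seconds between transmissions ("every hour on the hour")
HDR = struct.Struct(">BH")  # assumed layout: kind (0 = cover, 1 = data), payload length
ROOM = FRAME - HDR.size     # payload bytes available in one frame

# Constructed sample message, taken from the wording of the post.
ORDER = b"Barrage at 04:00, paratroops land at 05:00, hold until relieved."

def make_frame(kind, payload=b""):
    """Fixed-size plaintext frame. Assumed to be encrypted afterwards with a
    cipher whose ciphertext length depends only on the plaintext length."""
    if len(payload) > ROOM:
        raise ValueError("payload exceeds frame; fragment it first")
    return HDR.pack(kind, len(payload)) + payload + bytes(ROOM - len(payload))

def parse_frame(frame):
    kind, n = HDR.unpack_from(frame)
    return kind, frame[HDR.size:HDR.size + n]

def transmit(messages, slots=24, cover=True):
    """messages: {slot: bytes} that become ready at that slot.
    Returns (wire, frames); wire is the eavesdropper's view [(time, size)]."""
    queue, wire, frames = deque(), [], []
    for slot in range(slots):
        msg = messages.get(slot)
        if msg is not None:
            if cover:  # fragment so that no frame ever needs more than ROOM bytes
                queue.extend(msg[i:i + ROOM] for i in range(0, len(msg), ROOM))
            else:
                queue.append(msg)
        if cover:      # always send: a data fragment if one is waiting, else "Wait"
            frame = make_frame(1, queue.popleft()) if queue else make_frame(0)
        elif queue:    # naive sender: natural size, and only when there is news
            frame = queue.popleft()
        else:
            continue
        frames.append(frame)
        wire.append((slot * SLOT, len(frame)))
    return wire, frames

def receive(frames):
    """Receiver side: drop cover frames, reassemble the data payloads in order."""
    return b"".join(p for kind, p in map(parse_frame, frames) if kind == 1)
```

The price is visible in `transmit`: a message longer than one frame is spread over several slots, so hiding the size is paid for in latency.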

