[Cryptography] traffic analysis

John Denker jsd at av8n.com
Mon Jan 26 16:43:22 EST 2015

Hash: SHA1

On 01/26/2015 06:17 AM, StealthMonger wrote:

> Tor is not anonymous

OK.... but the same can be said for lots of other
things, as we now discuss.

Every so often the pointy-haired boss asks "Is 
it secure if we do ...." and the answer is always 
"No."  It is not necessary to wait for the end 
of the question.

> The only way I know to stay anonymous is to use chains of anonymizing
> remailers 

Still not secure.  If you want to argue that it is
somewhat less insecure, the devil is in the details.

> Expect about 30 mails, spread over maybe a day.

Suppose a typical HTTP session lasts half a minute.
There are 1440 minutes a day.  Other things being
equal, remailing degrades the adversary's signal-
to-noise ratio by a factor of less than 1^12.  If 
you think the number of people using the anonymous 
remailer network that day is less than the number 
of people using tor, the gain is even less.

With modern ciphers we are accustomed to seeing
work factors on the order of 2^81.  At that point
I reckon the adversaries are not going to bother 
with a direct attack.  Instead they will use other
tricks, such as traffic analysis.  A work factor
of 2^11 is not enough to stop the attack.  Mostly
you're just calling attention to yourself.

This is not fixed by using tor.  It is also not 
fixed by using HTTP GET instead of HTTP POST.
It is not fixed by using remailers.  Fixing this
is really, really hard ... but it has to be done.

The only defense I know of against traffic analysis
is cover traffic, and lots of it.  Suppose every
hour on the hour I transmit a 1000-byte encrypted
message.  Most of them say "Wait."  Once in a very 
long while, one of them says "Barrage at 04:00,
paratroops land at 05:00, amphibious landings at 
06:00, capture the bridge, hold until relieved."
Without a rigorous regimen of cover traffic, the 
special message would stick out like a sore thumb.

Things like remailers and tor rely on hiding a
tree in a forest.  The works best if the trees
are indistinguishable.  Otherwise it becomes (at 
most) a statistics problem.  The NSA is reeeally
good at statistics.  Quoting Ed Snowden:  Assume 
your adversary is capable of a trillion guesses 
per second.

- ----------
Amusing story about remailers and the limitations
Search for the word "ticket".

Version: GnuPG v1


More information about the cryptography mailing list