[Cryptography] traffic analysis

[grarpamp]

On Mon, Jan 26, 2015 at 4:43 PM, John Denker <jsd at av8n.com> wrote:
> On 01/26/2015 06:17 AM, StealthMonger wrote:
>> Tor is not anonymous
>
> OK.... but the same can be said for lots of other
> things, as we now discuss.
>
> Suppose a typical HTTP session lasts half a minute.
> There are 1440 minutes a day.  Other things being
> equal, remailing degrades the adversary's signal-
> to-noise ratio by a factor of less than 1^12.  If
> you think the number of people using the anonymous
> remailer network that day is less than the number
> of people using tor, the gain is even less.
>
> The only defense I know of against traffic analysis
> is cover traffic, and lots of it.
>
> Without a rigorous regimen of cover traffic, the
> special message would stick out like a sore thumb.

> Things like remailers and tor rely on hiding a
> tree in a forest.  The works best if the trees
> are indistinguishable.  Otherwise it becomes (at
> most) a statistics problem.  The NSA is reeeally
> good at statistics.

With the abundance of even just passive adversaries
these days, the importance of cover traffic, fill, flooding,
chaff, however you call it can't be overstated as a
necessity if you wish to hide the endponts ot actual
traffic without playing too much that risky odds game.

It amazes me that, while there are some papers
about it, no one appears to have actually produced
software for users to download, install and run, for a
working network based on it. Is there so much (possibly
far less than correct) thought out there that fill bandwidth
is evil, untolerable, unmanageable, and blocking of usability
such that these networks are moot to even try coding
for general deployment?

If anyone knows of any such networks, please post the links.