[Cryptography] traffic analysis

ianG iang at iang.org
Wed Jan 28 10:10:18 EST 2015 

On 27/01/2015 10:08 am, grarpamp wrote:
> On Mon, Jan 26, 2015 at 4:43 PM, John Denker <jsd at av8n.com> wrote:

>> The only defense I know of against traffic analysis
>> is cover traffic, and lots of it.
>>
>> Without a rigorous regimen of cover traffic, the
>> special message would stick out like a sore thumb.
>
>> Things like remailers and tor rely on hiding a
>> tree in a forest.  The works best if the trees
>> are indistinguishable.  Otherwise it becomes (at
>> most) a statistics problem.  The NSA is reeeally
>> good at statistics.
>
> With the abundance of even just passive adversaries
> these days, the importance of cover traffic, fill, flooding,
> chaff, however you call it can't be overstated as a
> necessity if you wish to hide the endponts ot actual
> traffic without playing too much that risky odds game.
>
> It amazes me that, while there are some papers
> about it, no one appears to have actually produced
> software for users to download, install and run, for a
> working network based on it. Is there so much (possibly
> far less than correct) thought out there that fill bandwidth
> is evil, untolerable, unmanageable, and blocking of usability
> such that these networks are moot to even try coding
> for general deployment?
>
> If anyone knows of any such networks, please post the links.


There was once a company (ZKS) that offered a client download that did a 
sort of late 1990s mix of Tor,Chat,Nyms,mail privacy stuff.  In order to 
do it properly they wanted you to have a pipe would would consume X 
bandwidth always, so traffic analysis was hard.  I recall it had a 
setting on it for 64k, 128k, 256k.

Unfortunately, the users thought that actually, they'd rather preserve 
that bandwidth for ... other things :)  Inter alia, users don't really 
pay for privacy, so the company didn't get very far selling their 
product.  I hear they did manage to get into the firewall business tho.

Doing traffic obfuscation by filling out is an expensive solution when 
the rest of the world spends most of its time trying to optimise.



iang

More information about the cryptography mailing list