[Cryptography] traffic analysis
ianG
iang at iang.org
Thu Jan 29 11:22:14 EST 2015
On 28/01/2015 18:59 pm, Richard Outerbridge wrote:
>> On 2015-01-28 (28), at 10:10:18, ianG <iang at iang.org> wrote:
>> Doing traffic obfuscation by filling out is an expensive solution when the rest of the world spends most of its time trying to optimise.
>
> What is the mechanism for separating the wheat from the chaff?
Outer HMAC is what I assumed. So, yes, at least a shared key for the
HMAC is required (nod to DJ).
> If we have a continually full channel full of fulsome noise, how does the receiver
> distinguish valid traffic from nothing?
A good protocol can drop incoming packets with bit errors anyway.
Another good principle is that ones traffic is indistinguishable from
random. You can send a random packet, and any attempt at the HMAC will
fail. Or you can send random data within the inner encryption envelope
that says "drop". As there is no return packet necessary, there is no
particular timing issue.
> Are there false positive & false negative
> rates at play here? Presumably both would have to be dialled down to be pretty low.
In my thinking, what we want is a slow channel and a fast channel. The
slow channel moves stuff occasionally. The fast channel moves stuff
quickly. When the fast stuff starts moving, the slow channel backs off.
When the time is quiet, the slow channel puts out some splutter. One
can think of the fast channel as the business channel and the slow
channel as the movies recommendations.
(This of course assumes an application. And it's not perfect, much fast
traffic will cause spikes.)
> Which as we all know is pretty much impossible.
That I don't follow.
iang
More information about the cryptography
mailing list