[Cryptography] traffic analysis

ianG iang at iang.org
Thu Jan 29 11:22:14 EST 2015

On 28/01/2015 18:59 pm, Richard Outerbridge wrote:
>> On 2015-01-28 (28), at 10:10:18, ianG <iang at iang.org> wrote:
>> Doing traffic obfuscation by filling out is an expensive solution when the rest of the world spends most of its time trying to optimise.
> What is the mechanism for separating the wheat from the chaff?

Outer HMAC is what I assumed.  So, yes, at least a shared key for the 
HMAC is required (nod to DJ).

> If we have a continually full channel full of fulsome noise, how does the receiver
> distinguish valid traffic from nothing?

A good protocol can drop incoming packets with bit errors anyway. 
Another good principle is that ones traffic is indistinguishable from 
random.  You can send a random packet, and any attempt at the HMAC will 
fail.  Or you can send random data within the inner encryption envelope 
that says "drop".  As there is no return packet necessary, there is no 
particular timing issue.

> Are there false positive & false negative
> rates at play here? Presumably both would have to be dialled down to be pretty low.

In my thinking, what we want is a slow channel and a fast channel.  The 
slow channel moves stuff occasionally.  The fast channel moves stuff 
quickly.  When the fast stuff starts moving, the slow channel backs off. 
  When the time is quiet, the slow channel puts out some splutter.  One 
can think of the fast channel as the business channel and the slow 
channel as the movies recommendations.

(This of course assumes an application.  And it's not perfect, much fast 
traffic will cause spikes.)

> Which as we all know is pretty much impossible.

That I don't follow.


More information about the cryptography mailing list