[13969] in cryptography@c2.net mail archive
Re: traffic analysis
daemon@ATHENA.MIT.EDU (Anonymous)
Fri Aug 29 14:52:31 2003
X-Original-To: cryptography@metzdowd.com
X-Original-To: cryptography@metzdowd.com
Date: Fri, 29 Aug 2003 03:04:47 +0159 (CEST)
From: Anonymous <discord-nobody@erisiandiscord.de>
To: jsd@av8n.com, cryptography@metzdowd.com
John S. Denker writes:
> More specifically, anybody who thinks the scheme
> I described is vulnerable to a timing attack isn't
> paying attention. I addressed this point several
> times in my original note. All transmissions
> adhere to a schedule -- independent of the amount,
> timing, meaning, and other characteristics of the
> payload.
>
> And this does not require wide-area synchronization.
> If incoming packets are delayed or lost, outgoing
> packets may have to include nulls (i.e. cover traffic).
Suppose you are engaged in a video conference with another party via an
anonymous real-time communications network. Don't you agree that you
cannot remain anonymous to that party, if they have the power to insert
arbitrary delays into communication links? How could you prevent frame
dropouts when she delays your link into the anonymizing cloud? You
can insert nulls, or get the cloud to do it for you, but it will be
obvious to the recipient that your video has stopped.
This again demonstrates that you cannot remain anonymous with realtime
communication against an adversary who can corrupt selected endpoints
and who can insert traffic delays. If you disagree, explain how you
will counter this attack.
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@metzdowd.com
