[18788] in cryptography@c2.net mail archive


Re: [PracticalSecurity] Anonymity - great technology but hardly used

daemon@ATHENA.MIT.EDU (Ben Laurie)
Mon Oct 31 09:32:17 2005

X-Original-To: cryptography@metzdowd.com
Date: Wed, 26 Oct 2005 23:34:14 +0100
From: Ben Laurie <ben@algroup.co.uk>
To: "Travis H." <solinym@gmail.com>
Cc: cyphrpunk <cyphrpunk@gmail.com>, cypherpunks@jfet.org,
	cryptography@metzdowd.com, PracticalSecurity@hbarel.com
In-Reply-To: <d4f1333a0510252140t29fffe61nb8aa0871fb48aabc@mail.gmail.com>

Travis H. wrote:
> Part of the problem is using a packet-switched network; if we had
> circuit-based, then thwarting traffic analysis is easy; you just fill
> the link with random garbage when not transmitting packets.  I
> considered doing this with SLIP back before broadband (back when my
> friend was my ISP).  There are two problems with this; one, getting
> enough random data, and two, distinguishing the padding from the real
> data in a computationally efficient manner on the remote side without
> giving away anything to someone analyzing your traffic.  I guess both
> problems could be solved by using synchronized PRNGs on both ends to
> generate the chaff.  The two sides getting desynchronized would be
> problematic.  Please CC me
> with any ideas you might have on doing something like this, perhaps it
> will become useful again one day.

But this is trivial. Since the traffic is encrypted, you just have a bit
that says "this is garbage" or "this is traffic".

OTOH, this can leave you open to traffic marking attacks. George Danezis
and I wrote a paper on a protocol (Minx) designed to avoid marking
attacks by making all packets meaningful. You can find it here:
http://www.cl.cam.ac.uk/users/gd216/minx.pdf.

Cheers,

Ben.

-- 
http://www.apache-ssl.org/ben.html       http://www.thebunker.net/

"There is no limit to what a man can do or how far he can go if he
doesn't mind who gets the credit." - Robert Woodruff

---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@metzdowd.com
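
The flag-inside-the-ciphertext framing described in the reply above, as an added example that is not part of the original message: every time slot carries one fixed-size encrypted frame, and only the key holder can tell chaff from data, so no synchronized PRNG is needed. The frame size, field layout and function names are assumptions, and the SHAKE-256 keystream with an HMAC tag is a standard-library stand-in for a real AEAD cipher.

```python
import hashlib, hmac, os, struct

FRAME_PAYLOAD = 64            # assumed fixed plaintext capacity per frame
NONCE_LEN, TAG_LEN = 12, 16
FLAG_CHAFF, FLAG_DATA = 0, 1  # the "garbage" / "traffic" marker

def _keystream(key, nonce, n):
    # Stand-in for a real AEAD cipher; chosen only so the example runs offline.
    return hashlib.shake_256(b"enc" + key + nonce).digest(n)

def _tag(key, nonce, ct):
    return hmac.new(key, b"mac" + nonce + ct, hashlib.sha256).digest()[:TAG_LEN]

def seal(key, flag, payload=b""):
    """Build one fixed-size frame; flag and length sit inside the ciphertext."""
    if len(payload) > FRAME_PAYLOAD:
        raise ValueError("payload too large for one frame")
    body = struct.pack("!BH", flag, len(payload)) + payload
    body += os.urandom(3 + FRAME_PAYLOAD - len(body))  # pad to constant size
    nonce = os.urandom(NONCE_LEN)
    ct = bytes(a ^ b for a, b in zip(body, _keystream(key, nonce, len(body))))
    return nonce + ct + _tag(key, nonce, ct)

def open_frame(key, frame):
    """Return payload bytes for data, None for chaff; raise if modified."""
    nonce = frame[:NONCE_LEN]
    ct, tag = frame[NONCE_LEN:-TAG_LEN], frame[-TAG_LEN:]
    if not hmac.compare_digest(tag, _tag(key, nonce, ct)):
        raise ValueError("bad tag")
    body = bytes(a ^ b for a, b in zip(ct, _keystream(key, nonce, len(ct))))
    flag, length = struct.unpack("!BH", body[:3])
    return body[3:3 + length] if flag == FLAG_DATA else None

def fill_link(key, queue, slots):
    """Emit one frame per time slot: queued data if any, otherwise chaff."""
    return [seal(key, FLAG_DATA, queue.pop(0)) if queue else seal(key, FLAG_CHAFF)
            for _ in range(slots)]

if __name__ == "__main__":
    key = os.urandom(32)  # constructed sample key
    for f in fill_link(key, [b"hello", b"world"], 5):
        print(len(f), open_frame(key, f))
```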
