Re: On reply blocks and tagging attacks (was Re: Problems with bit-twiddlers)

[Roger Dingledine <arma@mit.edu>]

On Tue, Apr 02, 2002 at 02:09:09PM -0500, Nick Mathewson wrote:
> Second, your claim "that an adversary can extract very little
> information" seems superficially false:  If I control nodes 1 and 4 in a
> cascade, and I tag an incoming mail at node 1, won't I discover the
> recipient when it comes out as bit salad at node 4?  In this
> configuration, you only need one per message to link senders and
> recipients.

Hm.

Unless, of course, people intentionally send trash periodically. That way
you can't be sure which was the one you stomped on, or even if the one
you stomped on made it through at all.

This isn't a very good answer, though.

Scenario: Alice is sending a message. Mallory owns nodes 1 and 4 of
the cascade, and wonders who the message is for. She stomps on Alice's
message at node 1, and notices that Bob receives trash from node 4. If
Bob regularly receives trash, this is normal. But if not, then she has
linked Alice's message.

So for a recipient Bob to be protected from this tagging attack, he must
regularly receive trash. Welcome to the "dummy traffic against long-term
intersection attack" problem. Hard problem.

--Roger