[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] obfsproxy like approach against website traffic fingerprinting?



On Thu, Dec 13, 2012 at 08:38:37PM +0000, adrelanos wrote:
> what if everyone, also people in uncensored countries, would use
> obfsproxy like traffic obfuscation for all circuits?
> 
> Could that make website traffic fingerprinting [1] more difficult?

Obfsproxy transforms each byte, but it doesn't change timing or size. So
I expect it does nothing against website fingerprinting.

To protect against somebody recognizing that the obfsproxied flows
are really Tor traffic underneath (i.e. by noticing a lot of 586-byte
packets), you'll want a chopper as well as obfsproxy. See the Stegotorus
paper: http://freehaven.net/anonbib/#ccs2012-stegotorus

But ultimately, the good website fingerprinting attacks look at overall
flow volume, so you'll want something that pads your sent/received flows
so they collide with a lot of other potential websites, without adding
too much overhead.

For the latest website fingerprinting paper, see Rob Johnson's "Touching
from a Distance" paper at CCS 2012.

--Roger

_______________________________________________
tor-talk mailing list
tor-talk@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk