> On 29 Jul 2018, at 23:42, George Kadianakis <desnacked@xxxxxxxxxx> wrote: > >>> 2) From what I understand you are also hoping to use WTF-PAD to protect >>> against circuit fingerprinting and not just website >>> fingerprinting. They told me that while this might be plausible, >>> there is no current research on how well it can achieve that. Are we >>> hoping to do that? And what research remains here? How can I help? >>> Which parts of the Tor circuit protocol are we hoping to hide? >> >> I am designing WTF-PAD to be a framework for deploying padding against >> arbitrary traffic analysis attacks. It is meant to allow us to define >> histograms on the fly (in the Tor consensus) as these are studied. The >> fact that they have not yet been studied is not super relevant to >> deploying the framework for it now. >> > > ACK. > > What other traffic analysis attacks are we looking at addressing here? > > I'm thinking of stuff like "circuit fingerprinting of onion services", > but I wonder if histograms and random sampling is too crude to actually > be able to help against sophisticated attacks. I don't have a suggestion > for something better currently. > > On that topic, is it decided whether the adaptive padding of WTF-PAD > will also happen during circuit construction, or only after that? Padding during circuit construction should work with VPADDING cells: https://gitweb.torproject.org/torspec.git/tree/tor-spec.txt#n508 At least it did last time I checked: https://github.com/teor2345/endosome/blob/master/client-or-22929.py https://trac.torproject.org/projects/tor/ticket/22929 We should avoid using PADDING cells during the handshake, because Tor sometimes closes the connection: https://github.com/teor2345/endosome/blob/master/client-or-22934.py T -- teor Please reply @torproject.org New subkeys 1 July 2018 PGP C855 6CED 5D90 A0C5 29F6 4D43 450C BA7F 968F 094B ----------------------------------------------------------------------
Attachment:
signature.asc
Description: Message signed with OpenPGP
_______________________________________________ tor-dev mailing list tor-dev@xxxxxxxxxxxxxxxxxxxx https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev