[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
Padding again Was: Practical web-site-specific traffic analyses
- To: or-talk@xxxxxxxxxxxxx
- Subject: Padding again Was: Practical web-site-specific traffic analyses
- From: Gregory Maxwell <gmaxwell@xxxxxxxxx>
- Date: Sun, 1 Aug 2010 23:02:53 -0400
- Delivered-to: archiver@xxxxxxxx
- Delivered-to: or-talk-outgoing@xxxxxxxx
- Delivered-to: or-talk@xxxxxxxx
- Delivery-date: Sun, 01 Aug 2010 23:03:00 -0400
- Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:mime-version:received:received:date:message-id :subject:from:to:content-type:content-transfer-encoding; bh=yELTQZhLkkS6Hg9msSEIWmu5gkUEjoJ2n3RhmpFj9G0=; b=FwOjL3K251o4RI6IchakU4zTK9PaEqKWSRiiICZdBKaFPYOz40ze6M+EasylHd3LpB e8yEZsuk3kZkge26Z/WejpBxH01VsPo/u3AYNU2XBCnyZNekZBw2yn+4S/mowhIbmTPZ A6pH0GwdrJwfYqhLZ0gHKS8S8N3pbJVVniVSA=
- Domainkey-signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=mime-version:date:message-id:subject:from:to:content-type :content-transfer-encoding; b=wpZJUOFQ1U9jO5OY+hC2h1Cwhz9b2aZsrIKsT86Svcf7FjPnz0b5RtzYcCbatLO+9I PhkZzdHI7eVNGPtI4nwrIzMc0MeAIinMFZ/X4fHK2AsJf6pFRoEHhgLRo2DAY3Pz34D8 R2zhXcSQ5tMcuxh7pWixG0W8xcegnHIdvTsWM=
- Reply-to: or-talk@xxxxxxxxxxxxx
- Sender: owner-or-talk@xxxxxxxxxxxxx
On Sun, Aug 1, 2010 at 9:07 PM, Steven J. Murdoch
<tortalk+Steven.Murdoch@xxxxxxxxxxxx> wrote:
[snip]
> To fix this attack, systems can add dummy traffic (padding), delay
> packets, and/or drop packets. Tor adds a bit of padding, but unlikely
> enough to make a difference. Tor doesn't (intentionally) drop or delay
> traffic.
>
> More research is needed before we will know how to best to use and
> combine these traffic analysis resistance techniques. I co-authored a
> paper on some aspects of this problem, but while the combination of
> delaying and padding is promising, more needs to be done before this
> can be deployed in a production system:
>
> Âhttp://www.cl.cam.ac.uk/~sjm217/papers/pets10topology.pdf
The overhead of padding schemes that I've seen, either end to end
type, or hop-based for free routed networks as presented above, are
simply too large to be practical.
I'd also guess that there might also be a negative social effect where
people would be less inclined to run relays if they knew that only a
small fraction of the traffic was actually good-put.
I think this makes a good argument for combining tor with a
high-latency higher anonymity serviceâ so that the "padding" for the
most timing attack vulnerable traffic can still be good traffic
sourced from high latency mixes stored at nodes. ... but this wouldn't
be simply accomplished, and I'm not aware of any ongoing research
along these lines.
***********************************************************************
To unsubscribe, send an e-mail to majordomo@xxxxxxxxxxxxxx with
unsubscribe or-talk in the body. http://archives.seul.org/or/talk/