[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] A possible solution to traffic correlation attacks,

To: tor-talk@xxxxxxxxxxxxxxxxxxxx
Subject: Re: [tor-talk] A possible solution to traffic correlation attacks,
From: notfriendly@xxxxxxxxxx
Date: Sun, 05 Jun 2016 17:13:41 -0400
Delivered-to: archiver@xxxxxxxx
Delivery-date: Sun, 05 Jun 2016 17:14:02 -0400
Dkim-signature: v=1; a=rsa-sha256; c=relaxed/simple; d=riseup.net; s=squak; t=1465161221; bh=UjtgX8aLMrGw3xAx607dDRafgvE2rF66GRQbazfW6gw=; h=Date:From:To:Subject:In-Reply-To:References:From; b=Llm1i57eSZl2XlbeDRmn+U5OYfXyAaJsNghedVRTJojYdWyS0RqeU0wepY4B3AtTe dWYhwPJiqoA9XW8h4yKA/4DNQwP8sNnCtaEARGoIEV3kYeYDNmTgUdL4V/QKeVmEym jAm0ccgTkDWcJ3O1/VhpGWNZkY2/Irg8Z6tlJM2M=
In-reply-to: <CAD2Ti29UX8dZxz_McuC8GAaigWXgeAbWZR=QZBDfhLLP7Y_RtQ@xxxxxxxxxxxxxx>
List-archive: <http://lists.torproject.org/pipermail/tor-talk/>
List-help: <mailto:tor-talk-request@lists.torproject.org?subject=help>
List-id: "all discussion about theory, design, and development of Onion Routing" <tor-talk.lists.torproject.org>
List-post: <mailto:tor-talk@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk>, <mailto:tor-talk-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-talk>, <mailto:tor-talk-request@lists.torproject.org?subject=unsubscribe>
References: <8554176B-F17B-4FC6-AFBA-29DA392E4B28@xxxxxxxxxx> <CAD2Ti29UX8dZxz_McuC8GAaigWXgeAbWZR=QZBDfhLLP7Y_RtQ@xxxxxxxxxxxxxx>
Reply-to: tor-talk@xxxxxxxxxxxxxxxxxxxx
Sender: "tor-talk" <tor-talk-bounces@xxxxxxxxxxxxxxxxxxxx>

On 2016-06-05 14:34, grarpamp wrote:

On 6/5/16, Not Friendly <notfriendly@xxxxxxxxxx> wrote:
After about an hour of brain storming I may of found a way to stoptraffic
correlation attacks. The idea is to add an artificial delay of a few
randomized ms (two separate delays, one to the tor exit and anotherdeal ontraffic exiting the network) and add an extra chunk of randomized data(justa small random amount of KB that never exits the network). It wouldmake
traffic harder to correlate. What are your thoughts on this?
Doesn't work.
"never exits" - GPA's don't necessarily need to correlate any internal
flows. They can look only at the endpoints. The minute you insert
traffic that lights up some other endpoint, in an otherwisesufficiently
quiet network, or distinguishable way (bytes / latency [pump], which is
made even easier for them if they reign over an endpoint), you're done.
You need fulltime regulated fill traffic, within which, your trafficresides.

So randomizing the times that traffic enters the network and exits thenetwork wouldn't work? Like it enters a note and 30 ms after received oranother random delay couldn't it exit. It would be harder to correlatethe traffic right?

--
tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

Follow-Ups:
- Re: [tor-talk] A possible solution to traffic correlation attacks,
  - From: Allen
- Re: [tor-talk] A possible solution to traffic correlation attacks,
  - From: juan

References:
- [tor-talk] A possible solution to traffic correlation attacks,
  - From: Not Friendly
- Re: [tor-talk] A possible solution to traffic correlation attacks,
  - From: grarpamp

Prev by Author: Re: [tor-talk] Any updates from Tor Project on ioerror?
Next by Author: Re: [tor-talk] A possible solution to traffic correlation attacks,
Previous by thread: Re: [tor-talk] A possible solution to traffic correlation attacks,
Next by thread: Re: [tor-talk] A possible solution to traffic correlation attacks,
Index(es):
- Author
- Thread