[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] How to obfuscate the Tor Browser activity from the Time/Size correlation attack?

On 03/14/2013 01:55 PM, avarageanonymous@xxxxxxxxxxxx wrote:

> How would you obfuscate the packets from the the Time/Size correlation in this example activity:
> The user in California sends the E-Mail message from the web client provider, possibly 1Gmail to the 2Gmail address?
> It is said that Tor Browser working with protocol that is made to send this message in 512 bytes packets.
> The users Internet provider could log and see the approximate size of the message and in California for example the Google working with self-owned Internet Provider could correlate the approximate size of the send to the message sent from 1Gmail to the Entry Node with the size of the message received by 2Gmail. Does this threat exists?

Instead of using webmail, you could use Mixmin remailer nyms with
delivery via alt.anonymous.messages (a.a.m). After arbitrarily long
paths through remailer chains, encrypted messages are delivered to
a.a.m, which serves as a common inbox. Checking for mail involves
getting all new a.a.m posts, determining which are for you, and
decrypting them. Both mail and news servers are available as hidden
services. Quicksilver Windows apps (QSL for sending, and QSA for
receiving) work well in Whonix with Wine.

> Maybe the web application that could be opened in the same Tor Browser next to the web mail client and that application would generate some truly random traffic from some truly random generating server so the Internet Provider would see the all traffic including the random and would not be able to sufficiently correlate the Size? It would be wonderful if there could be such option in the Tor Browser. It would be awesome if the user could just use non-exit relaying for this purpose but not everyone is able to use it because of the NAT or Firewall. It looks that Time could not be obfuscated as easily as Size. Is the Size obfuscation possible within the current Tor protocol specification for the Tor Browser? If this kind of web application is possible and would obfuscate the Size from the Internet Provider? If Google is running the Entry Node or it is being hosted on Google, the Google would still be able to correlate the Size and Time?
> _______________________________________________
> tor-talk mailing list
> tor-talk@xxxxxxxxxxxxxxxxxxxx
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

tor-talk mailing list