[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: Sampled Traffic Analysis by Internet-Exchange-Level Adversaries

To: or-talk@xxxxxxxxxxxxx
Subject: Re: Sampled Traffic Analysis by Internet-Exchange-Level Adversaries
From: Mike Perry <mikeperry@xxxxxxxxxx>
Date: Wed, 30 May 2007 02:46:20 -0700
Delivered-to: archiver@xxxxxxxx
Delivered-to: or-talk-outgoing@xxxxxxxx
Delivered-to: or-talk@xxxxxxxx
Delivery-date: Wed, 30 May 2007 05:46:29 -0400
In-reply-to: <20070529125655.GA5357@xxxxxxxxxxxxxxxx>
References: <20070528100048.GS7967@xxxxxxxxxxxxxxxxx> <4ef5fec60705280336l41a7a0c0xc27995c0a0a74f46@xxxxxxxxxxxxxx> <20070528110310.GT7967@xxxxxxxxxxxxxxxxx> <4ef5fec60705280423v2ce78492u42bbb921bd48c881@xxxxxxxxxxxxxx> <20070529125655.GA5357@xxxxxxxxxxxxxxxx>
Reply-to: or-talk@xxxxxxxxxxxxx
Sender: owner-or-talk@xxxxxxxxxxxxx
User-agent: Mutt/1.4.2.2i

Thus spake Paul Syverson (syverson@xxxxxxxxxxxxxxxx):

> Anyway, the main reason I'm writing is that my objection was not just
> that the GPA was too strong but that it was too weak. Thinking you
> could have an adversary powerful enough to monitor all the links
> necessary to watch your whole large network but not able to do any
> active traffic shaping at all anywhere seems obviously nuts. This is
> one reason why padding on an open low-latency (lossless) network is
> problematic: an adversary with any active capability at all can induce
> a timing channel easily.

Actually, I'm going to disagree slightly because I don't feel like
sleeping yet :). It would take far less resources to passively tap the
traffic and filter out say Tor IPs and do analysis on just that data
offline. Trying to actively do that filter in-path PLUS arbitrarily
delay (ie queue in memory) that traffic in real time, all without
signficantly affecting pass-through traffic seems like it would be a
lot more expensive.

Also, not to mention there is a limited number of bits that can be
reliably encoded in this manner, and the purturbations of padding that
shares the same TLS connection will lower this effectiveness. The
adversary needs enough bits to get through to be able to track all the
parties it is interested in. If padding is in place, it will have to
spend considerable effort in redundancy to make sure that the
timestamp remains present in the exit stream.. Which again means more
queueing and more expense. 

Of course, it also means more expense on the part of the anonymity
network in wasted bandwidth.. If padding slows down the network to the
point where users start to leave, other, more dangerous effects take
over.

Finally, going on what has been disclosed so far in the EFF v AT&T case,
it would seem that global adversary-style mass surveilance is in fact
ocurring passively, out of path. At least the illegal domestic stuff,
anyways. I suppose it's anyone's guess what they do when it's less
blatantly illegal.. Maybe Echelon is the reason my bbc is so slow! :)

-- 
Mike Perry
Mad Computer Scientist
fscked.org evil labs

Attachment: pgp6W7y5IECuM.pgp
Description: PGP signature

References:
- Sampled Traffic Analysis by Internet-Exchange-Level Adversaries
  - From: Steven Murdoch
- Re: Sampled Traffic Analysis by Internet-Exchange-Level Adversaries
  - From: coderman
- Re: Sampled Traffic Analysis by Internet-Exchange-Level Adversaries
  - From: Steven Murdoch
- Re: Sampled Traffic Analysis by Internet-Exchange-Level Adversaries
  - From: coderman
- Re: Sampled Traffic Analysis by Internet-Exchange-Level Adversaries
  - From: Paul Syverson

Prev by Author: Re: Exiting only port 80
Next by Author: Crazy with Exit nodes
Previous by thread: Re: Sampled Traffic Analysis by Internet-Exchange-Level Adversaries
Next by thread: Ideas on increasing the significance of tor
Index(es):
- Author
- Thread