
[tor-talk] passive analysis of encrypted traffic and traffic obfuscation

Hi tor guys,

Encrypted traffic analysis is an analysis applied to an encrypted session,
not in order to disclose the protected data, but to detect the protocol

The IRAN attack on TOR was, more or less, an attack like this (more or
less because it was based on the HTTPS pattern, not on an analysis based on
packet size and packet timing; anyway, this is one possible next step
in this challenge).

Anyway, yesterday a tool was released (SniffJoke:
http://www.delirandom.net/sniffjoke) that transparently scrambles the traffic
outgoing from a Linux box, making it nasty to analyze for a sniffer
or other passive wiretapping tool.

If someone interested in TOR deply, would:

1) try a blocked TOR version in IRAN, to verify if the session is
protected from the anti-TOR tech

2) study a scrambling pattern, I will develop a specific sniffjoke
plugin to protect eventually escalation in passive analysis from the

3) test sniffjoke as additional protection in an exit node, protecting
the anonymized traffic from passive analysis

4) any other ideas :)

I want to offer my support.

