[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] Timing attacks and fingerprinting users based of timestamps

Flipchan writes:

> So i was thinking about timing attacks and simular attacks where time is a Big factor when deanonymizing users . 
> and created a Little script that will generate a ipv4 address and send a get request to that address https://github.com/flipchan/Nohidy/blob/master/traffic_gen.py then delay x amount of seconds and do it again. This will probelly make it harder for the attacker to fingerprint the users output data due to the increased data flow coming out from the server. 
> So to protect against traffic timing attacks and simular would be to generate More data.

This is called padding traffic and it's been studied a bit in relation
to systems like Tor.  Roger has often said that a conclusion of the
studies was that it's hard to get a lot of privacy benefit from most
padding schemes, but it might be good to know what the state of the
art is in padding attacks and defenses.

Seth Schoen  <schoen@xxxxxxx>
Senior Staff Technologist                       https://www.eff.org/
Electronic Frontier Foundation                  https://www.eff.org/join
815 Eddy Street, San Francisco, CA  94109       +1 415 436 9333 x107
tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
To unsubscribe or change other settings go to