[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Link padding and the intersection attack
Herein I clarify my argument a bit, and then conclude with a current
plan of action.
On Thu, Aug 08, 2002 at 03:00:38AM -0400, Roger Dingledine wrote:
> I talked to iang, adam, and jbash about link padding during Black Hat. I
> asked how to do less expensive link padding than n^2 while still getting
> some security. Ian said that anything less than n^2 is equivalent to
> no padding. Adam went a step further, saying that n^2 really isn't any
> good either.
I don't mean to argue that link padding is useless. Instead I mean to
argue that I don't understand what (if anything) link padding actually
gets us, in any situation. We need to do some actual analysis first and
then see if people buy it, before deploying it and expecting it to do
anything more than provide a false sense of security.
Going on the premise that adding a new feature without understanding
whether it works is a bad idea, I'm going to ship onion routing with
link padding off by default, rather than on. This will ease deployment,
both because router operators won't laugh at us, and because users won't
waste much bandwidth.
--Roger