Tom Vogt writes:
This is to defend against active attacks delaying packets to observe the effect on the network and hence trace routes.
I don't understand the necessity of this. if the amount of traffic is a constant anyway, a delay would vanish at the first node.
e.g. my upstreams provider sends out x bytes every time unit, no matter whether or not he gets anything from me. when I stop sending, nothing in his traffic pattern changes.
You're presuming hop-by-hop padding, Wei is presuming end-to-end padding. His threat model is that some fixed set of switches is compromised: | The adversary may control a fixed subset of the nodes. Also you'll note in the scheduling description that there is nothing about switches adding or removing padding. I think Wei is implicitly considering that this is done by the caller and receiver (who open links and keep the full until they close them). Even closing links is mixed to prevent closure leaking too much: | The process of making and breaking connections must also not leak | information. This can be done by using a protocol analogous to mix-net. | Link forming/destroying requests are queued and performed in batches in a | way similar to queuing and mixing of e-mail in a mix-net. Adam