Ray Dillinger[SMTP:bear@sonic.net] wrote
I think that what we really need is some kind of NNTP-like system that distributes encrypted packets instead of cleartext ones. If you want to baffle traffic analysis, just create a system where they can't tell the difference between your emails and tons and tons of news traffic.
[...] You mean like the long standing and active news group alt.anonymous.messages, but different? Peter Trei
On Fri, 1 Dec 2000, Trei, Peter wrote:
Ray Dillinger[SMTP:bear@sonic.net] wrote
I think that what we really need is some kind of NNTP-like system that distributes encrypted packets instead of cleartext ones. If you want to baffle traffic analysis, just create a system where they can't tell the difference between your emails and tons and tons of news traffic.
[...]
You mean like the long standing and active news group alt.anonymous.messages, but different?
Yes, different. alt.anonymous.messages is simply a message mix. I'm talking about a system that would provide lots of encrypted traffic *ON THE SAME PORTS* as whatever other encrypted traffic you were sending. IOW, no one should be able to look at logs and say, "well, we can ignore that packet, it's NNTP. This other packet over here is mail, and probably the thing we're after..." In a more general statement, I guess I'm saying that encrypted traffic should not be segregated into different services - at least not so you can tell which are which without decrypting. and furthermore, even high-volume ordinary traffic - like rec.pets.cats - should be distributed by encrypted means, so you can't tell at the protocol level what's inside. Bear
At 11:58 AM 12/1/00 -0500, Ray Dillinger wrote:
Yes, different. alt.anonymous.messages is simply a message mix. I'm talking about a system that would provide lots of encrypted traffic *ON THE SAME PORTS* as whatever other encrypted traffic you were sending. IOW, no one should be able to look at logs and say, "well, we can ignore that packet, it's NNTP. This other packet over here is mail, and probably the thing we're after..."
Do you really think all those pictures flying about on pictures-binary newsgroups are really of what they seem to be? :-) Look beneath the flab. Steganography. Crypto implications of cheap scanners, and a year or so later, affordable digital cameras. Even some hidden cargo compartments in MP3.
At 08:56 AM 12/1/00 -0800, Ray Dillinger wrote:
Yes, different. alt.anonymous.messages is simply a message mix. I'm talking about a system that would provide lots of encrypted traffic *ON THE SAME PORTS* as whatever other encrypted traffic you were sending. IOW, no one should be able to look at logs and say, "well, we can ignore that packet, it's NNTP. This other packet over here is mail, and probably the thing we're after..."
That sounds like a job for IPSEC. All the packets are encrypted at the IP level, though you can still tell the source and destination of the outer packet, and you can tell the packet size, so it's not a strict Pipenet substitute - if you see traffic from A to B and same-sized traffic from B to C, you can guess that B might have routed some packets from A to C. But it still answers your basic request. Thanks! Bill Bill Stewart, bill.stewart@pobox.com PGP Fingerprint D454 E202 CBC8 40BF 3C85 B884 0ABE 4639
participants (4)
-
Bill Stewart -
David Honig -
Ray Dillinger -
Trei, Peter