Adam Back writes:

It's as strong as we could make it. Private interactive communications are a hard problem. As Wei and I were discussing in the "PipeNet protocol" thread in the last couple of weeks, there are 4 main properties you're trying to optimise over:

1. security (resistance to traffic analysis) 2. performance 3. bandwidth efficiency (cost) 4. DoS resistance

It appears pretty hard to get more than one of these properties with theoretical optimality. PipeNet gets the first one with good theoretical security, but none of the others are good. Freedom makes an engineering tradeoff which does reasonably on all 4.

What about adding link padding? Can you say something about why this doesn't help, or costs too much? Without it, someone monitoring your system can see which ZKS node you are talking to. If they then monitor that node they can see that whenever you send an incoming message, there comes an outgoing message, so they can see the next node you are talking to, and so on. With link padding, they couldn't do this. They'd have to interrupt your data stream and then monitor *all* the outgoing traffic from *all* the ZKS nodes and see which one got interrupted. This sounds like a much more expensive attack. It is an active attack as well, while the previous one is passive and could be done by a Carnivore system. Ob