Foiling Traffic Analysis
At 4:35 AM 1/2/96, Jon Lasser wrote:
The potential for traffic analysis is the danger here. If an "FBI International Data Laundering Expert" testifies in court that said data came from a site known to be frequented solely by so-and-sos, all the strong crypto in the world won't stop the average jury from convicting you.
Carl Ellison (among others, I'm sure) has suggested various means of foiling traffic analysis among a group of trusted conspirators, using a token-ring-like routing scheme. I'm not completely convinced that it's robust enough, but a variation on it is probably adaptable.
How does this differ from Dining Cryptographers approaches? --Tim May We got computers, we're tapping phone lines, we know that that ain't allowed. ---------:---------:---------:---------:---------:---------:---------:---- Timothy C. May | Crypto Anarchy: encryption, digital money, tcmay@got.net 408-728-0152 | anonymous networks, digital pseudonyms, zero W.A.S.T.E.: Corralitos, CA | knowledge, reputations, information markets, Higher Power: 2^756839 - 1 | black markets, collapse of governments. "National borders aren't even speed bumps on the information superhighway."
On Tue, 2 Jan 1996, Timothy C. May wrote:
At 4:35 AM 1/2/96, Jon Lasser wrote:
The potential for traffic analysis is the danger here. If an "FBI International Data Laundering Expert" testifies in court that said data came from a site known to be frequented solely by so-and-sos, all the strong crypto in the world won't stop the average jury from convicting you.
Carl Ellison (among others, I'm sure) has suggested various means of foiling traffic analysis among a group of trusted conspirators, using a token-ring-like routing scheme. I'm not completely convinced that it's robust enough, but a variation on it is probably adaptable.
How does this differ from Dining Cryptographers approaches?
Totally different from a DC-Net, as far as I understand DC-Nets (I think I do, but Applied Crypto's in my dorm, and I'm at home, so I can't check) In this approach, computers are organized in "rings"; each computer in a given ring always has an encrypted packet in circulation. When the group of packets arrives at a given station, it replaces its current encrypted packet with a new packet; if it doesn't have any new packets to send, it puts up a garbage packet that is indistinguishable from a normal packet. It then scans all the other packets and attempts to decrypt them with its private key. Any it can read, it does; all the packets are forwarded to the next station in the ring. By the time the next set of packets arrives, all have been replaced; the station is unable to determine either the source or the destination of any given packet. Routing between loops is done by routers, which are computers on multiple loops. Perhaps all machines are on multiple loops and serve as routers. I'm not sure about traffic analysis in cases where Mallet controls a significant portion of the network; while this is unlikely, it must be considered. Any significant inconsistancies are probably mine... Jon Lasser ------------------------------------------------------------------------------ Jon Lasser <jlasser@rwd.goucher.edu> (410)494-3072 Visit my home page at http://www.goucher.edu/~jlasser/ You have a friend at the NSA: Big Brother is watching. Finger for PGP key.
participants (2)
-
Jon Lasser -
tcmay@got.net