Re: Safest exit country?

4 Sep 2013

      2013/9/4 Kyle Maxwell 
...
...
Enough mind games. You have to pass the wires anyway, encrypt and trust
On Wed, Sep 4, 2013 at 8:20 AM, Lodewijk andré de la porte 
wrote:
the
...
endpoints. (and encrypt hard)
Which, generally speaking, will still not defeat traffic analysis
without special considerations...
I'm gonna go ahead and suggest trickle connections. It's in my paper about
mesh networking that I might release once. You have n connections to n
nodes (1 on 1) and you continuously flow (both directions) random data over
it. Occasionally instead of random data you put an encrypted package in it.
The other end continuously (tries to) decrypt packages. This way you never
know if something is being sent or not, at the cost of some bandwidth.

Schematically:

generate random > send buffer
secret package > send buffer
send buffer > stream encryption > transmit buffer
transmit buffer > rate limited connection to peer

on the other side:
receive buffer > stream decryption > package detector > usual way of
dealing with incoming packages.

If you never actually use these trickle connections, but you do have them,
you can deny being the origin of packages (I didn't know what it was! I got
it over a trickle connection!). If you mark packages as "top secret" they
should only be send over trickles and they'll never be network observable
at all.

Additional tricks such as delayed further transmission, network path
mixing, etc. are all possible with what I have in my paper and should be
(easily) doable in Tor.

I never really understood the problem with traffic analysis.