On 8/28/15, Steve Kinney <admin@pilobilus.net> wrote:
> ... "Everybody knows" that effective resistance to traffic analysis of an encrypted low-latency anonymizing network requires a constant flow of traffic, padded as necessary with dummy packets to maintain a constant through-put when an endpoint is idle. This deprives observers of the ability to match the endpoints of any given session by analyzing the timing and number of packets at entry and exit nodes.
this is one approach, "zero knowledge" mixes. there are interesting research avenues around low latency traffic analysis resistant techniques. they're more complicated, of course, and in fact it is this complexity to blame rather than any conspiracy.
> But nobody implements effective cover traffic: The reasons given for this deficiency include concerns about bandwidth limitations
effective cover traffic for zero knowledge mix is significant. this is because to be effective in a traditional mix produces bandwidth explosion among participants. i challenge you to show an effective mix protocol without this bandwidth explosion that also does not introduce a break in guarantee of anonymity.
> and processor overhead. 20 years ago these barriers were real, today not so much. I2P users have the option of hosting enough torrents to keep cover traffic unrelated to their other uses of that network going;
wrong. I2P does not provide traffic analysis resistance, nor defense against active attacker.
> this is not as effective as padding traffic to maintain a uniform flow, but way better than no cover traffic.
wrong. "way better" way too generous. this is just wrong. part of the problem is that active attacks and traffic analysis are so hugely effective. the defense of "adding some torrents" is misguided wishful thinking.
> TOR actively discourages file sharing, "because" this would cause bandwidth and processor overhead problems.
again, more complicated. not just technical but legal.
> I believe it would be much easier to persuade the TOR Project to implement cover traffic, or to create a next generation TOR network that does, than to persuade router makers to support today's other than best practices TOR network by default. But I'm not sure that this can be done by any project based in a U.S. controlled jurisdiction, as it would be contrary to the National Interest.
Tor research continues. however, solving low latency traffic analysis resistant anonymity is much harder than just "implement cover traffic"! in fact, you need to solve half a dozen hard problems at once, including how to define an appropriate level of cover traffic over selected links.

best regards
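An added illustration of the constant-rate padding described in the quoted message and the bandwidth cost raised in the reply; it is not code from either poster, Tor or I2P. The per-slot cell counts, the function names and the single-link model are assumptions, and it models only a passive observer counting cells per time slot, not the active attacks the reply mentions.

```python
from statistics import mean

# Constructed per-slot cell counts for two clients entering the network.
ENTRY = {"A": [0, 9, 0, 0, 7, 1, 0, 8, 0, 0],
         "B": [3, 0, 4, 0, 0, 5, 2, 0, 0, 6]}

def pearson(x, y):
    """Pearson correlation; 0.0 when either series has no variance."""
    mx, my = mean(x), mean(y)
    cov = sum((a - mx) * (b - my) for a, b in zip(x, y))
    vx = sum((a - mx) ** 2 for a in x)
    vy = sum((b - my) ** 2 for b in y)
    return 0.0 if vx == 0 or vy == 0 else cov / (vx * vy) ** 0.5

def pad_constant_rate(real, rate):
    """Send exactly `rate` cells per slot: queued real cells first, dummies to fill.
    Returns (observed per-slot counts, dummy cells sent, worst backlog of real cells)."""
    backlog = dummies = worst = 0
    observed = []
    for arrived in real:
        backlog += arrived
        sent = min(backlog, rate)
        backlog -= sent
        dummies += rate - sent
        worst = max(worst, backlog)
        observed.append(rate)
    return observed, dummies, worst

def best_match(exit_series, entries):
    """Passive observer: pick the entry flow that correlates best with the exit flow.
    Returns (name, or None if there is no unique best, and the scores)."""
    scores = {name: pearson(s, exit_series) for name, s in entries.items()}
    top = max(scores.values())
    winners = [n for n, v in scores.items() if v == top]
    return (winners[0] if len(winners) == 1 else None), scores

if __name__ == "__main__":
    exit_flow = ENTRY["A"]  # assumption: exit shows A's pattern, already time-aligned
    print("unpadded match:", best_match(exit_flow, ENTRY))
    for rate in (9, 3):
        padded = {n: pad_constant_rate(s, rate) for n, s in ENTRY.items()}
        wire = {n: p[0] for n, p in padded.items()}
        print(f"rate={rate} match:", best_match(wire["A"], wire)[0])
        for n, (obs, dummies, worst) in padded.items():
            print(f"  {n}: overhead={dummies / sum(obs):.0%} worst_backlog={worst}")
```

Lowering the rate cuts dummy overhead but queues real cells, which is the bandwidth versus latency trade-off the thread is arguing about.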