This appears to be a great paper thats right on topic - thank you.<br><br>Will have time to read tonight. Offhand, in first 2 pages they use term &quot;synchronous network&quot; - does anyone know, exactly, what they mean by this?<br><br>TIA<br><br><br>On Wednesday, October 23, 2019, Punk - Stasi 2.0 &lt;<a href="mailto:punks@tfwno.gf">punks@tfwno.gf</a>&gt; wrote:<br>&gt;<br>&gt;<br>&gt;         <a href="https://www.freehaven.net/anonbib/cache/back01.pdf">https://www.freehaven.net/anonbib/cache/back01.pdf</a><br>&gt;<br>&gt;<br>&gt; This attack reveals what seems to be a fallacy in theoretical definitions of security.<br>&gt; For example, in [28], the authors state that if links are padded or bandwidth is limited<br>&gt; to a constant rate, one can ignore passive eavesdroppers8. This is technically correct if<br>&gt; a passive eavesdropper is defined as someone who cannot access the network as a reg-<br>&gt; ular user and compute timings on the network (which is implied by the definition used<br>&gt; in most theoretical work). However this attack model is not very interesting and defi-<br>&gt; nitely misleading. The latency attack pointed out above and the next attack we present<br>&gt; demonstrate that if an attacker can simply compute timings (which is as passive as one<br>&gt; can expect an attacker to be in practice), or use the system, link padding or bandwidth<br>&gt; limiting links to a constant rate does not protect the system against easy traffic analysis<br>&gt; attacks.<br>&gt;<br>&gt;<br>&gt;<br>&gt;<br>&gt;<br>&gt;