On 10/20/15, grarpamp <grarpamp@gmail.com> wrote:...
[1]: https://blog.torproject.org/blog/traffic-correlation-using-netflows
My thought was solely restricted to analysis of network traffic by *passive* adversary... not involving any collusion by actives over circuits they can see inside or pump within any given onion layer, though clocked and checked network fill by all proper nodes would inhibit pumping by actives. I talked on list with someone at briarproject and wherever else on idea of filling the network with traffic vs the passives. Apologize for not making time to review Mike's proposal or develop further talk yet. Someone will review / integrate fill padding of network with regard anonbib, Mike's, etc I'm sure, as it is clearly (to me at least) a weakness of non-filled non-store-and-forward networks vs the passives which we all know and love.
note that userspace stacks with multi-homed mobility-capable IPv6 ORCHIDv2 addresses can maintain logical connectivity over a set of paths/circuits such that active attacks reduce capacity but are unable to execute the easy confirmation and tagging attacks available in a stream oriented implementation with TCP links over IPv4. in theory... ;P best regards,