On Tue, Apr 02, 2019 at 05:14:02PM +1100, Zenaan Harkness wrote:
On Mon, Apr 01, 2019 at 10:45:59PM -0400, grarpamp wrote:
I am personally convinced that a flat traffic shape will only dare attackers to cut links between parts of the network, effectively making an even larger traffic shape to corrilate with.
Today if play the cut links game, eventually a toggled link will expose the traffic you seek, because there's no fill between nodes that automatically takes its place. Your global monitor sees a respective signal slump among the nodes making up the subject path, each node distinguishable by time deltas. Such signal the adversary was probably clocking into it themselves for easier recognition anyway... fetch 1MB, fetch 1MB, fetch 1MB, fetch 1MB... oh noes.
Tor's hidden services are total sitting ducks because of this. Same for likely all current overlay networks in production regardless of whatever service they provide... from traffic, messaging, storage, cryptocurrency, and so on.
There are surely better links from the bib space, yet here are some concepts on generated buckets, retiming, how they can contain full time "empty" fill that yields to wheat demand on the line, traffic contracts, etc therein...
https://en.wikipedia.org/wiki/Generic_cell_rate_algorithm
If all the nodes are independantly maintaining independant traffic contracts between their physical and/or logical peers, cut links won't do hardly as much impact if anything at all...
A \ B + -----> M -----> { U V W X Y Z } C + D /
If actual transport GPA "route detection" resistance is desired, create many low bandwidth entries to the network and aggregate the bandwidth → this implies 'fancy' routing at some mid point node that can split an e.g. incoming stream's packets across multiple low bandwidth routes; use always only say 50% of your routes and that "connection" is not shaped downwards except that 50% of your mini routes are cut.
Sorry, that's obviously not enough. Security is not a simple problem. Actually, one of "many small" "entry" node going down is enough to identify (thinking Tor entry node here), assuming the routes can be detected. So you need "apparently stateless/ connectionless" packet routing. Try your own PHY entry node(s) and said stateless packet routing. Route creation for the micro route splitting and aggregation concept needs more thought. Creation of multiple split paths which are later aggregated may need to operate on a trusted node? Needs more thought. For anything remotely resembling a "stable" node (say to hop onto from your mobile phone) most likely needs you or a meatspace trusted friend to be the operator of, this stable node obviously needs > 1 physical peer connections. So e.g.: - You have a "stable node" at home, with ADSL to le Internet. - You add a wifi PHY link to a few neighbours. - You add a copper PHY link to at least one immediate neighbour. - Your mobile phone "low latency" and "intermittent" end UA hops to: - your phones mobile/wireless provider/ISP uplink - any other mobile phones (your friends) via local PHY (bluetooth, wireless, even USB to your desktop computer) - virtual connectionless routes to your "stable node" - virtual connectionless routes to any trusted or semi trusted friend nodes And now: - the lowest (average/ minimum) bandwidth on each of your PHY links is your MAX link speed (up or down) for anything resembling "resistant to GPA traffic analysis".