pipenet padding

William Hitzke william at 25thandClement.com
Wed Nov 28 15:47:09 PST 2001


that's a *great* summary.

the attack summary leaves me thinking, tho:

if you take the pipenet model (w/ end-to-end padding replaced by
link padding), and layer on top of that a virtual circuit that is a
composite of multiple routes through the pipenet, then are you
not resistant to traffic analysis w/o being burdened by the risk of DoS?

rather than having a circuit being a single
route that can be easily analyzed, you utilize multiple routes,
and distribute traffic over those routes both in a fashion
meant to guard against passive latency attacks and route tracing,
but also capable (given cooperation between the end nodes) of
responding to active attacks on any sub-set of the routes?

this seems similar to the mix-net mentioned on page 4, but i
haven't read much on those. could somebody point to some material?

hmmmm, also, w/ multiple channels, you have more room
to randomly tear-down channels (rather than all at once).
if incoming traffic can be queued at the end node (which
i'm trying to do, so that even if somebody has lost all
channels, they have a small period of time to reconnect to
the end node and revive a session), you can reduce the benefit
of manipulating latency within some fixed local time period
(at least for semi-realtime applications like http). iow,
how long is an attacker willing to wait for his manipulations
to manifest? it buys time for the network to react. i guess
the basic idea i have is to move away from a static,
synchronous network, and to utilize synchronous routes w/ an
intelligent asynchronous layer on top.

thanx,

Bill


On Wed, Nov 28, 2001 at 04:49:53PM -0800, Anton Stiglic wrote:
> You might be interested in this paper:
> 
> http://crypto.cs.mcgill.ca/~stiglic/Papers/traffic.pdf
> 
> In case you have not seen it...
> 
> --Anton




