Safest exit country?

Lodewijk andré de la porte l at odewijk.nl
Wed Sep 4 07:33:49 PDT 2013


2013/9/4 Kyle Maxwell <kylem at xwell.org>

> On Wed, Sep 4, 2013 at 8:20 AM, Lodewijk andré de la porte <l at odewijk.nl> wrote:
> > Enough mind games. You have to pass the wires anyway, encrypt and trust the
> > endpoints. (and encrypt hard)
>
> Which, generally speaking, will still not defeat traffic analysis
> without special considerations...


I'm gonna go ahead and suggest trickle connections. It's in my paper about
mesh networking that I might release once. You have n connections to n
nodes (1 on 1) and you continuously flow (both directions) random data over
it. Occasionally instead of random data you put an encrypted package in it.
The other end continuously (tries to) decrypt packages. This way you never
know if something is being sent or not, at the cost of some bandwidth.

Schematically:

generate random > send buffer
secret package > send buffer
send buffer > stream encryption > transmit buffer
transmit buffer > rate limited connection to peer

on the other side:
receive buffer > stream decryption > package detector > usual way of
dealing with incoming packages.

If you never actually use these trickle connections, but you do have them,
you can deny being the origin of packages (I didn't know what it was! I got
it over a trickle connection!). If you mark packages as "top secret" they
should only be sent over trickles and they'll never be network observable
at all.

Additional tricks such as delayed further transmission, network path
mixing, etc. are all possible with what I have in my paper and should be
(easily) doable in Tor.

I never really understood the problem with traffic analysis.
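
The trickle link from the schematic above, as an added Python sketch (not code from this post or from the paper it mentions): the sender emits one fixed-size cell per tick, either random filler or an encrypted package, and the receiver keeps only the cells that authenticate. The class names, the 64-byte cell size and the use of keyed BLAKE2b as keystream and MAC are assumptions made for the example. It also assumes a reliable, ordered transport and a caller that invokes next_cell() on a fixed timer.

```python
import hmac
import os
from collections import deque
from hashlib import blake2b

CELL, TAG = 64, 16   # assumed sizes: every cell on the wire is CELL bytes
BODY = CELL - TAG    # 1 length byte + up to BODY - 1 payload bytes

def _prf(key, counter, data, size):
    # Keyed BLAKE2b as keystream and MAC: a stand-in for a real AEAD.
    return blake2b(counter.to_bytes(8, "big") + data, key=key, digest_size=size).digest()

def _xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))

class TrickleSender:
    def __init__(self, enc_key, mac_key):
        self.enc_key, self.mac_key = enc_key, mac_key
        self.queue, self.counter = deque(), 0

    def submit(self, package):
        if len(package) > BODY - 1:
            raise ValueError("package does not fit in one cell")
        self.queue.append(package)

    def next_cell(self):
        """Emit one cell per clock tick, whether or not anything is queued."""
        n, self.counter = self.counter, self.counter + 1
        if not self.queue:
            return os.urandom(CELL)                    # cover traffic
        pkg = self.queue.popleft()
        body = (bytes([len(pkg)]) + pkg).ljust(BODY, b"\0")
        ct = _xor(body, _prf(self.enc_key, n, b"", BODY))
        return ct + _prf(self.mac_key, n, ct, TAG)

class TrickleReceiver:
    def __init__(self, enc_key, mac_key):
        self.enc_key, self.mac_key, self.counter = enc_key, mac_key, 0

    def feed(self, cell):
        """Return the package in this cell, or None for cover traffic."""
        n, self.counter = self.counter, self.counter + 1
        ct, tag = cell[:BODY], cell[BODY:]
        if not hmac.compare_digest(tag, _prf(self.mac_key, n, ct, TAG)):
            return None                                # filler or tampered cell
        body = _xor(ct, _prf(self.enc_key, n, b"", BODY))
        return body[1:1 + body[0]]
```

Cell size and cell rate stay constant whether or not a package is queued, so an observer of the link sees the same stream either way; a lost or reordered cell would desynchronise the counters, which is why the sketch assumes an ordered transport.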