2013/9/4 Kyle Maxwell <[1]kylem@xwell.org>

> On Wed, Sep 4, 2013 at 8:20 AM, Lodewijk andré de la porte <[2]l@odewijk.nl> wrote:
>> Enough mind games. You have to pass the wires anyway, encrypt and trust the
>> endpoints. (and encrypt hard)
>
> Which, generally speaking, will still not defeat traffic analysis without
> special considerations...

I'm gonna go ahead and suggest trickle connections. It's in my paper about
mesh networking that I might release at some point.

You have n connections to n nodes (1 on 1) and you continuously flow (both
directions) random data over it. Occasionally, instead of random data, you
put an encrypted package in it. The other end continuously (tries to)
decrypt packages. This way you never know if something is being sent or
not, at the cost of some bandwidth.

Schematically:

  generate random  > send buffer
  secret package   > send buffer
  send buffer      > stream encryption > transmit buffer
  transmit buffer  > rate limited connection to peer

on the other side:

  receive buffer > stream decryption > package detector
                 > usual way of dealing with incoming packages

If you never actually use these trickle connections, but you do have them,
you can deny being the origin of packages (I didn't know what it was! I got
it over a trickle connection!). If you mark packages as "top secret" they
should only be sent over trickles and they'll never be network observable
at all.

Additional tricks such as delayed further transmission, network path
mixing, etc. are all possible with what I have in my paper and should be
(easily) doable in Tor.

I never really understood the problem with traffic analysis.

References

1. mailto:kylem@xwell.org
2. mailto:l@odewijk.nl
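The trickle connection sketched in the post, as an added example that is not part of the original message or of any code from the thread: every wire slot is a fixed-size blob, either random filler or an authenticated package, and the receiver's package detector is simply a MAC check on every slot. The slot size, the HMAC-SHA256 keystream standing in for a real stream cipher, and the demo keys are all constructed for this illustration.

```python
import hmac, hashlib, os

SLOT = 64   # every slot on the wire is exactly this long, package or filler
TAG = 16    # bytes of truncated HMAC used by the package detector
NONCE = 8
BODY = SLOT - NONCE - TAG           # room for 1 length byte + payload + padding
DEMO_KEY = hashlib.sha256(b"constructed demo key").digest()   # constructed
OTHER_KEY = hashlib.sha256(b"some other peer's key").digest()  # constructed

def _keystream(key, nonce, n):
    # Toy counter-mode keystream from HMAC-SHA256; stands in for a real stream cipher.
    out = b""
    ctr = 0
    while len(out) < n:
        out += hmac.new(key, nonce + ctr.to_bytes(4, "big"), hashlib.sha256).digest()
        ctr += 1
    return out[:n]

def encrypt_slot(key, payload):
    """Hide a short payload in one fixed-size slot: nonce || ciphertext || tag."""
    assert 0 <= len(payload) <= BODY - 1
    nonce = os.urandom(NONCE)
    body = bytes([len(payload)]) + payload + os.urandom(BODY - 1 - len(payload))
    ct = bytes(a ^ b for a, b in zip(body, _keystream(key, nonce, BODY)))
    tag = hmac.new(key, nonce + ct, hashlib.sha256).digest()[:TAG]
    return nonce + ct + tag

def random_slot():
    return os.urandom(SLOT)          # filler: indistinguishable from a package

def detect_and_decrypt(key, slot):
    """Package detector: payload if the tag verifies, None for filler/other keys."""
    nonce, ct, tag = slot[:NONCE], slot[NONCE:SLOT - TAG], slot[SLOT - TAG:]
    expect = hmac.new(key, nonce + ct, hashlib.sha256).digest()[:TAG]
    if not hmac.compare_digest(tag, expect):
        return None
    body = bytes(a ^ b for a, b in zip(ct, _keystream(key, nonce, BODY)))
    return body[1:1 + body[0]]

def send_stream(key, queue, nslots):
    """Emit exactly nslots slots no matter how many packages are queued."""
    return [encrypt_slot(key, queue.pop(0)) if queue else random_slot()
            for _ in range(nslots)]

def receive_stream(key, slots):
    return [p for p in (detect_and_decrypt(key, s) for s in slots) if p is not None]

def demo():
    """Constructed run: two packages hidden in ten constant-size slots."""
    wire = send_stream(DEMO_KEY, [b"hello", b"top secret"], 10)
    return len(wire), receive_stream(DEMO_KEY, wire), receive_stream(OTHER_KEY, wire)
```

The wire carries 10 * SLOT bytes whether zero or ten packages were queued, which is the property that defeats volume-based traffic analysis on that link; the rate limiter that keeps slot timing constant is left out here.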