Net News as Cover Traffic
Ray Dillinger
bear at sonic.net
Fri Dec 1 08:56:53 PST 2000
On Fri, 1 Dec 2000, Trei, Peter wrote:
>
>> Ray Dillinger[SMTP:bear at sonic.net] wrote
>>
>> I think that what we really need is some kind of NNTP-like system
>> that distributes encrypted packets instead of cleartext ones. If
>> you want to baffle traffic analysis, just create a system where
>> they can't tell the difference between your emails and tons and
>> tons of news traffic.
>>
> [...]
>
>
>You mean like the long standing and active news group
>alt.anonymous.messages, but different?
Yes, different. alt.anonymous.messages is simply a message mix.
I'm talking about a system that would provide lots of encrypted
traffic *ON THE SAME PORTS* as whatever other encrypted traffic
you were sending. IOW, no one should be able to look at logs and
say, "well, we can ignore that packet, it's NNTP. This other
packet over here is mail, and probably the thing we're after..."
In a more general statement, I guess I'm saying that encrypted
traffic should not be segregated into different services - at
least not so you can tell which are which without decrypting.
and furthermore, even high-volume ordinary traffic - like
rec.pets.cats - should be distributed by encrypted means, so
you can't tell at the protocol level what's inside.
Bear
More information about the Testlist
mailing list