[ExI] possible scheme for privacy
rafal.smigrodzki at gmail.com
Wed Jul 23 06:50:55 UTC 2014
On Mon, Jul 21, 2014 at 9:21 AM, Harvey Newstrom <mail at harveynewstrom.com> wrote:
> And it's more than just the intended traffic that needs to be made
> uniform. The underlying TCP/IP stack on the operating systems and routers
> will respond differently to lost packets, resend requests, time-out
> duration, dynamic window sizes for throughput, optimizing throughput
> speeds, buffer sizes and related delays, etc. To make the traffic look
> identical, all users would have to use the exact same hardware, software,
> operating systems, TCP/IP stacks, patching levels, router brands,
> memory/disk sizes and delays, number of hops in their local network, and
> constant unchanging traffic loads on their local networks. To be even more
> extreme, there could be differing timing delays or error rates based on
> what brand Ethernet cables they use and how far they are from the
> electrical wires in each home. There would be no way to make everything
> exactly identical.
>
> Beyond the above items that might be within the user's control, there is
> no way all users could obtain the same distance/delay to their local ISP,
> or have all ISPs using the exact same hardware, software, operating
> systems, TCP/IP stacks, patching levels, router brands, memory/disk sizes
> and delays, number of hops in their local network, and constant unchanging
> traffic loads on their metropolitan area networks. The extremely complex
> chain of connectivity between each user and their ISP will add traffic
> analysis signatures unique to that user, but outside their control,
> somewhere between their location and their ISP.
>
> At first glance, this seems unlikely to be doable by individual users.
> Maybe if a whole apartment building or neighborhood block merged their
> traffic and tunneled it through a shared VPN, they might be able to mask
> individual differences. But then they would be traceable back to that
> local group. As long as each person has an individual data stream to their
> ISP, they will probably have unique traffic analysis signatures.
### Let's think about it more. We are talking about a defense against an
attacker who has the ability to intercept data streams between nodes but
does not have access to unencrypted contents of the streams. The objective
is to prevent the attacker from inferring if text information was sent
between arbitrary nodes.
A node always sends data to a subset of nodes, at constant rates determined
by their role in the network. An end-user may be sending/receiving to 2 - 3
nodes, at a low rate, maybe even as slow as manual typing, since we are
talking about hiding ASCII conversations. A router may be constantly
sending steady data streams to the same 3000 other nodes. We are not
talking about the internet as we know it here. The internet was designed for
resilience and efficiency, so of course the nodes respond to changing loads
and changing topology, and this implies dependence on all those individual
properties of nodes and their connections that are hard to control. The
network we discuss here is willing to burn a constant amount of bandwidth,
so no matter what the users do or don't, each user node sends the same
stream to its designated servers, each server sends the same streams to its
designated connections. Yes, you can observe the individual characteristics
of each connection - its packet loss rate, minor timing differences due to
hardware at each end - but you cannot infer if a given data stream contains
100% contraband text, 100% chaff, or anything in between.
Or can you?
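
The constant-rate sender described in the message above, as an added sketch that is not part of the original post: one fixed-size cell leaves per tick whether or not text is queued, so the count and size of cells on the link are the same for an idle and a busy user. The cell size, the one-byte length header and the tick model are assumptions; link encryption is assumed and not shown, and per-link timing and loss characteristics are not modelled.

```python
import os
from collections import deque

CELL_SIZE = 32                 # bytes per cell on the wire (assumed value)
PAYLOAD_MAX = CELL_SIZE - 1    # one byte is the real-payload length header


def make_cell(chunk: bytes) -> bytes:
    """Build one fixed-size cell: [len][real bytes][random padding]."""
    if len(chunk) > PAYLOAD_MAX:
        raise ValueError("chunk does not fit in one cell")
    padding = os.urandom(PAYLOAD_MAX - len(chunk))
    return bytes([len(chunk)]) + chunk + padding


def send_schedule(text: bytes, ticks: int) -> list[bytes]:
    """Emit exactly one cell per tick; an empty queue produces a chaff cell."""
    queue = deque(text[i:i + PAYLOAD_MAX]
                  for i in range(0, len(text), PAYLOAD_MAX))
    if len(queue) > ticks:
        raise ValueError("not enough ticks at this rate to carry the text")
    return [make_cell(queue.popleft() if queue else b"") for _ in range(ticks)]


def observer_view(cells: list[bytes]) -> list[tuple[int, int]]:
    """What a link eavesdropper sees once cells are encrypted: tick and size."""
    return [(tick, len(cell)) for tick, cell in enumerate(cells)]


def receive(cells: list[bytes]) -> bytes:
    """Receiver side, after decryption: keep real bytes, drop chaff and padding."""
    return b"".join(cell[1:1 + cell[0]] for cell in cells)


if __name__ == "__main__":
    text = b"constructed sample text for the demo"   # constructed input
    idle = send_schedule(b"", ticks=10)               # user types nothing
    busy = send_schedule(text, ticks=10)              # user sends real text
    print("same on the wire:", observer_view(idle) == observer_view(busy))
    print("recovered:", receive(busy))
```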