On Thu, Oct 27, 2005 at 01:37:28PM -0400, [EMAIL PROTECTED] wrote: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > (continuing the reply w/ regards to the other non-CBR issues) > > > This is as opposed to a system such as I2P operates now, where > > connections are set up on the whim of the tunnel creator, where > > passive traffic analysis can probably reveal where the tunnel is > > going to, unless either its construction is so slow that it's > > impossible to tell it from the other tunnels > > I wouldn't say construction, but operation. Construction is just > one packet, and payload does not immediately follow.
Hmmm. Well the idea I was trying to get across above was tied to "new data flows", but basically, on each node, it must be plausible that a packet going to a given node came from the local node or is forwarded from any of several connected nodes which sent us data recently. > > > (this is a serious option; users may not mind it if we give them > > a nice GUI), I was thinking of connection setup, or new traffic, here. Which can be distinguished from existing flows if there is insufficient cover traffic. Which I submit there always will be on an any-to-any network, because most of the time a new connection flow will be A -> B -> C, where A, B and C were not exchanging data before; it can be easily distinguished from background traffic. > > True, throttling individual tunnels to no more than X KBps has real > potential for some applications. I2P 3.0 will offer this [1] > > [1] http://www.i2p.net/todo#batching > > > or we are very lucky with cover traffic. > > Tunnel creation itself doesn't require us to be very lucky, the > attack P = (c/n)^h is negligible. Tunnel operation against global > passive adversaries, however, is a bitch. It's a different c than in most of the other attacks though. If h is 3 and c is say all the nodes in the USA (via CALEA), then you have a problem. > > =jr -- Matthew J Toseland - [EMAIL PROTECTED] Freenet Project Official Codemonkey - http://freenetproject.org/ ICTHUS - Nothing is impossible. Our Boss says so.
signature.asc
Description: Digital signature
_______________________________________________ chat mailing list chat@freenetproject.org Archived: http://news.gmane.org/gmane.network.freenet.general Unsubscribe at http://emu.freenetproject.org/cgi-bin/mailman/listinfo/chat Or mailto:[EMAIL PROTECTED]
