Travis H. wrote: > Part of the problem is using a packet-switched network; if we had > circuit-based, then thwarting traffic analysis is easy; you just fill > the link with random garbage when not transmitting packets. I > considered doing this with SLIP back before broadband (back when my > friend was my ISP). There are two problems with this; one, getting > enough random data, and two, distinguishing the padding from the real > data in a computationally efficient manner on the remote side without > giving away anything to someone analyzing your traffic. I guess both > problems could be solved > by using synchronized PRNGs on both ends to generate the chaff. The > two sides getting desynchronzied would be problematic. Please CC me > with any ideas you might have on doing something like this, perhaps it > will become useful again one day.
But this is trivial. Since the traffic is encrypted, you just have a bit that says "this is garbage" or "this is traffic". OTOH, this can leave you open to traffic marking attacks. George Danezis and I wrote a paper on a protocol (Minx) designed to avoid marking attacks by making all packets meaningful. You can find it here: http://www.cl.cam.ac.uk/users/gd216/minx.pdf. Cheers, Ben. -- http://www.apache-ssl.org/ben.html http://www.thebunker.net/ "There is no limit to what a man can do or how far he can go if he doesn't mind who gets the credit." - Robert Woodruff