On Fri, Oct 13, 2017 at 12:50:34PM +0200, Jeff Burdges wrote:
> Tor only provides cryptographic unlinkability between packets, but does
> not protect against traffic analysis.
>
> As a rule, anonymity systems proposed by academics attempt to protect
> against traffic analysis too, but such schemes must pay for this
> protection with both higher bandwidth, usually through cover traffic,
> and increased latency.

The trick is to make the cover traffic actually useful for end-users..
ideally by making *all* of their everyday operations a part of the
cover traffic. That also implies that it makes sense to aim for one
and only one anonymizing protocol stack that should integrate all
future and past internet applications, and to make properties like
latency and depth of anonymization configurable by the applications,
so that the routing layer can treat a secret conversation differently
from a bulk video stream. Still, the video stream you watch while you
chat can be enough to protect your metadata better.

GNUnet provides file sharing for that purpose. secushare is working
to add multicast pubsubs and social networking, so you can indeed be
watching a stream or have chitchat about the weather be going on in
the background that produces cover for the actual private stuff.

> Arguably, you cannot protect against traffic analysis at all in a
> circuit based system like Tor anyways. And Tor does not do cover
> traffic or delays for this reason.

It's the POSIX socket that most Internet applications expect that is
by design subjectible to traffic shaping. If we redesign applications
to only submit complete packets, we're a step closer. One more reason
it makes sense to redo apps on top of GNUnet.

In theory, Tor could offer a packet-oriented API instead of SOCKS5,
but the safety of it would still suffer from the fact that almost
everyone uses Tor for HTTP and other TCP stuff. Those protocols are
no longer fit for the future.

Yes, I know, Jeff has gnunet.org in his address, so I'm not telling
these things to Jeff... ;) ... but I sensed that they still deserve
being said, every now and then. Also I'm curious if there's any flaw
in it.

--
E-mail is public!
Talk to me in private using encryption:
  http://loupsycedyglgamf.onion/LynX/
  irc://loupsycedyglgamf.onion:67/lynX
  https://psyced.org:34443/LynX/
_______________________________________________
Messaging mailing list
Messaging@moderncrypto.org
https://moderncrypto.org/mailman/listinfo/messaging