subject:"\[tor\-talk\] Timing attacks and fingerprinting users based of timestamps"

Re: [tor-talk] Timing attacks and fingerprinting users based of timestamps

2016-11-06 Thread Seth David Schoen

Flipchan writes:

> So i was thinking about timing attacks and simular attacks where time is a 
> Big factor when deanonymizing users . 
> and created a Little script that will generate a ipv4 address and send a get 
> request to that address 
> https://github.com/flipchan/Nohidy/blob/master/traffic_gen.py then delay x 
> amount of seconds and do it again. This will probelly make it harder for the 
> attacker to fingerprint the users output data due to the increased data flow 
> coming out from the server. 
> 
> So to protect against traffic timing attacks and simular would be to generate 
> More data.

This is called padding traffic and it's been studied a bit in relation
to systems like Tor.  Roger has often said that a conclusion of the
studies was that it's hard to get a lot of privacy benefit from most
padding schemes, but it might be good to know what the state of the
art is in padding attacks and defenses.

-- 
Seth Schoen  
Senior Staff Technologist   https://www.eff.org/
Electronic Frontier Foundation  https://www.eff.org/join
815 Eddy Street, San Francisco, CA  94109   +1 415 436 9333 x107
-- 
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

[tor-talk] Timing attacks and fingerprinting users based of timestamps

2016-11-06 Thread Flipchan

So i was thinking about timing attacks and simular attacks where time is a Big 
factor when deanonymizing users . 
and created a Little script that will generate a ipv4 address and send a get 
request to that address 
https://github.com/flipchan/Nohidy/blob/master/traffic_gen.py then delay x 
amount of seconds and do it again. This will probelly make it harder for the 
attacker to fingerprint the users output data due to the increased data flow 
coming out from the server. 

So to protect against traffic timing attacks and simular would be to generate 
More data.

Has anyone else got any other solution for these kinds of attacks?

Take care
-- 
Sincerly flipchan 
-- 
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

Re: [tor-talk] Timing attacks and fingerprinting users based of timestamps

[tor-talk] Timing attacks and fingerprinting users based of timestamps

2 matches

Site Navigation

Mail list logo

Footer information