On 08/27/2013 01:17, Perry E. Metzger wrote:
On Mon, 26 Aug 2013 17:39:16 -0400 The Doctor dr...@virtadpt.net
wrote:
On 08/26/2013 09:26 AM, Perry E. Metzger wrote:
Mix networks are, however, a well technique. Onion networks, which
are related, are widely deployed right now in the form of
On Sun, 25 Aug 2013 23:40:35 -0400 Phillip Hallam-Baker
hal...@gmail.com wrote:
There has to be a layered approach.
Traffic analysis is probably going to demand steganography and that
is almost by definition outside standards work.
I'm unaware of anyone who has seriously proposed
On Mon, 26 Aug 2013 14:53:54 -0400 Richard Salz rich.s...@gmail.com
wrote:
Traffic analysis is the problem
Do you really think that for most people on the planet, that it is?
Probably. If one's threat model is mass dragnet surveillance, traffic
analysis is far too useful a way for the enemy
On Fri, 23 Aug 2013 09:38:21 -0700 Carl Ellison c...@acm.org wrote:
Meanwhile PRISM was more about metadata than content, right? How
are we going to prevent traffic analysis worldwide?
The best technology for that is mix networks.
At one point, early in the cypherpunks era, mix networks were
There has to be a layered approach.
Traffic analysis is probably going to demand steganography and that is
almost by definition outside standards work.
The part of Prism that I consider to be blatantly unconstitutional is that
they keep all the emails so that they can search them years later
Hi,
I wrote a patch to force openssh to use constant time
and packet-size on the SSHv2 connection so observers
of traffic cant correlate SSH connections to each other.
You can find it here:
http://c-skills.blogspot.com/2008/12/sshv2-trickery.html
l8er,
Sebastian
--
~~
~~ perl self.pl
~~
http://www.nytimes.com/2008/02/05/science/space/05spotters.html
When the government announced last month that a top-secret spy satellite
would, in the next few months, come falling out of the sky, American
officials said there was little risk to people because satellites fall
out of orbit
On Mon, 23 Oct 2006 11:43:17 +0200, George Danezis
[EMAIL PROTECTED] wrote:
Hi Leandro,
I am compiling a review paper on traffic analysis as well as a talk.
They can be found here:
http://homes.esat.kuleuven.be/~gdanezis/TAIntro.pdf
http://homes.esat.kuleuven.be/~gdanezis/talks/TAIntro
Hi Leandro,
I am compiling a review paper on traffic analysis as well as a talk.
They can be found here:
http://homes.esat.kuleuven.be/~gdanezis/TAIntro.pdf
http://homes.esat.kuleuven.be/~gdanezis/talks/TAIntro-prez.pdf
These will soon be expanded (by January) since they are going
On 10/19/06, Leandro Meiners [EMAIL PROTECTED] wrote:
Can anybody point me to any good references regarding traffic analysis?
This is the only interesting page I found on it:
http://guh.nu/projects/ta/safeweb/safeweb.html
There are some historical incidents that are sufficiently old
Dear list,
Can anybody point me to any good references regarding traffic analysis?
regards,
Leandro.
--
Leandro Federico Meiners
GnuPG key fingerprint:
7B98 C0F5 42A3 2BEE 44AF
9D19 936F 5957 27DF AE74
GnuPG-Key:
http://pgp.mit.edu:11371/pks/lookup?op=indexsearch=lmeiners
Some folks might be interested in
http://villagevoice.com/news/0642,torturetaxi,74732,2.html -- it's not
precisely traffic analysis, but there are enough similar techniques that I
think it's relevant to this list.
--Steven M. Bellovin, http://www.cs.columbia.edu/~smb
We tend to think of traffic analysis as a modern technique, but it's
actually quite old. Here is a message from a spy, observing the
activities of two of (English Queen) Elizabeth I's courtiers, whom he
suspected of trying to manipulate her successor:
many secret meetings are made
Travis H. wrote:
Part of the problem is using a packet-switched network; if we had
circuit-based, then thwarting traffic analysis is easy; you just fill
the link with random garbage when not transmitting packets.
OK so far ...
There are two problems with this; one, getting
enough
plaintext consists primarily of large packets, you should make the MTU large.
This means that a lot of bandwidth will be wasted on padding if/when there
are small packets (e.g. keystrokes, TCP acks, and voice cells) but that's
the price you have to pay to thwart traffic analysis.
I'm not so sure
I assume that the length is
explicitly encoded in the legitimate packet. Then the peer for the
link ignores everything until the next escape sequence introducing a
legitimate packet.
I should point out that encrypting PRNG output may be pointless, and
perhaps one optimization is to stop
should make the MTU large.
This means that a lot of bandwidth will be wasted on padding if/when there
are small packets (e.g. keystrokes, TCP acks, and voice cells) but that's
the price you have to pay to thwart traffic analysis.
Travis H. wrote:
I'm not so sure. If we're talking about thwarting
On Mon, May 23, 2005 at 11:46:25AM -0400, Perry E. Metzger wrote:
|
| The original article has some nice diagrams, but unfortunately,
| because of the NY Times' policies, the article won't be online in a
| few days.
The times is trying to address this for RSS readers. Aaron Swartz has
some code
On Sep 7, 2004, at 11:12 PM, Steve Bellovin wrote:
What are some of the classic, must-read, references on traffic
analysis?
(I'm familiar with the Zendian problem, of course.)
In looking through my library, I came across two references (I would
not say 'must read' though).
Code Breakers (David
John S. Denker wrote:
More specifically, anybody who thinks the scheme
I described is vulnerable to a timing attack isn't
paying attention. I addressed this point several
times in my original note. All transmissions
adhere to a schedule -- independent of the amount,
timing, meaning, and other
John S. Denker writes:
More specifically, anybody who thinks the scheme
I described is vulnerable to a timing attack isn't
paying attention. I addressed this point several
times in my original note. All transmissions
adhere to a schedule -- independent of the amount,
timing, meaning, and
Quoting John S. Denker [EMAIL PROTECTED]:
More specifically, anybody who thinks the scheme
I described is vulnerable to a timing attack isn't
paying attention. I addressed this point several
times in my original note. All transmissions
adhere to a schedule -- independent of the amount,
On Wednesday, August 27, 2003, at 04:09 PM, An Metet wrote:
This is from http://www.lawnerds.com/testyourself/criminal_rules.html:
Check out a better source (specifically 18 U.S.C. 371), or
http://www.rense.com/general9/cons.htm.
A person is guilty of conspiracy if:
- Two or more people
On Thu, Aug 28, 2003 at 08:06:07AM -0400, John S. Denker wrote:
[...]
The solution I outlined is modelled after
procedures that governments have used for decades
to defend against traffic analysis threats to
their embassies and overseas military bases.
More specifically, anybody who thinks
analysis with much
more powerful techniques; he is assuming he owns
the endpoint or otherwise can see through the
crypto into the plaintext.
Let us not confuse traffic analysis issues with
anonymity issues.
I explicitly said that traffic analysis was not the
only threat to be considered.
To say
At 01:01 PM 8/27/03 -0700, Jim McCoy wrote:
While IANL, it seems that the whole anonymity game has a flaw that
doesn't even require a totalitarian regime. I would direct you to the
various laws in the US (to pick a random example :) regarding
conspiracy. Subscribing to an anonymity service
Jim McCoy writes:
While IANL, it seems that the whole anonymity game has a flaw that
doesn't even require a totalitarian regime. I would direct you to the
various laws in the US (to pick a random example :) regarding
conspiracy. Subscribing to an anonymity service might not become
A couple of people wrote in to say that my remarks
about defending against traffic analysis are not
true.
As 'proof' they cite
http://www.cypherspace.org/adam/pubs/traffic.pdf
which proves nothing of the sort.
The conclusion of that paper correctly summarizes
the body of the paper; it says
Slightly off-topic, but a reminder of the sort of thing that ordinary
crypto doesn't hide.
http://www.silicon.com/news/59-51/1/5093.html?rolling=2
IT Myths: Colombian drugs gang's mainframe-assisted assassinations?
Did drugs barons really use multi-million pound systems to see who
was
Slightly off-topic, but a reminder of the sort of thing that
ordinary crypto doesn't hide.
http://www.silicon.com/news/59-51/1/5093.html?rolling=2
IT Myths: Colombian drugs gang's mainframe-assisted assassinations?
Did drugs barons really use multi-million pound systems to see who
Personal
(Use it if you'd like, but keep me out of it.)
Steve Bellovin wrote:
Slightly off-topic, but a reminder of the sort of thing that ordinary
crypto doesn't hide.
http://www.silicon.com/news/59-51/1/5093.html?rolling=2
IT Myths: Colombian drugs gang's mainframe-assisted
31 matches
Mail list logo