On Tue, Oct 11, 2005 at 10:39:34AM -0400, jrandom at i2p.net wrote: > > (2) is entirely security through obscurity - hoping that the > adversary doesn't have the resources or inclination to mount an > attack, not on the strength of their attack. I've yet to hear of any > large scale steganographic technique capable of facing a plausible > state level adversary. In fact, I've explained how the bottleneck > exposed by (2) is relatively small to such an adversary - ISPs are > already more than capable of offering the local monitoring, technical > review, and administrative channels necessary to break it.
You have yet to establish this. Have you read that paper? My reading of it is that traffic flow analysis is seriously expensive. Probably more expensive than just NATting everyone, forcing them through government proxies, and issuing server licenses. > > Let me revise that - security through obscurity works, but only when > no one willing and able to pierce the obscurity is looking. > > Small, "primitive" systems reduce the value of piercing the > obscurity, which, given a resource constrained adversary (and they're > all resource constrained), are less apt to draw the scrutiny that a > larger "high tech" system would. As such, their (2) above would not > be their bottleneck - instead, it would be their (1). Such systems are of very limited use. Compare the internet of today to a single 80's BBS. > > What makes you think the bottleneck of (1) is more constricting than > the bottleneck of (2)? I've explained before why I believe the > bottleneck exposed by Freenet/dark's (2) isn't much - is our > disagreement based on that issue? Have I misjudged the ability of a > state level adversary to pierce Freenet/dark's obscurity, or have > I not yet made clear why I believe it isn't much? Obviously they can beat it if they spend n billion dollars installing traffic flow analysis hardware everywhere. But in real life, mostly P2P traffic is identified by its signature. The state can do what it wants; it's a matter of how much it is going to cost. -- Matthew J Toseland - toad at amphibian.dyndns.org Freenet Project Official Codemonkey - http://freenetproject.org/ ICTHUS - Nothing is impossible. Our Boss says so. -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 189 bytes Desc: Digital signature URL: <https://emu.freenetproject.org/pipermail/tech/attachments/20051011/f10ecaaa/attachment.pgp>
