On 4 September 2013 20:09, <[email protected]> wrote: > Now node B does not stream the data to node C, but obfuscates > it. That means if there are n packages it transforms them into > m packages in some unpredictable way and each new packages gets > a small amount of additional random-data. > (The point is that the new stream will not look at all like the > old one) > > Only node B nows the way to de-obfuscate this. But B and C did > a handshake and using this encryption B shares with C how to > de-obfuscate the data.
Node A sends 40KB of data to Node B, in some particular distribution. Node B sends 60KB of data (a 50% increase!) in a new distribution to Node C. Node C sends 40 KB of traffic to whereever. An adversary watching Node B knows that it is passing the data from A to C. It's obvious. Now, it's _less_ obvious when Node B is receiving two streams of data, 40KB from Node A and 50KB from Node X, and sending two streams of 60KB to Nodes Y and Z (which stream went where?) - but that only holds up for really small streams. For longer lived streams in a low latency network where the packet sizes and frequency of the Node A->B and X->B streams diverge, the B->Y and B->Z streams will likewise diverge, and it's then easy to correlate them again. -tom _______________________________________________ tor-dev mailing list [email protected] https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev
