[freenet-dev] Traffic Flow Analysis Is Really Easy
Michael Rogers
m.rogers at cs.ucl.ac.uk
Mon Feb 12 12:13:25 UTC 2007
Florent Daignière (NextGen$) wrote:
> * Matthew Toseland <toad at amphibian.dyndns.org> [2007-02-11 00:50:31]:
>> http://www.securityfocus.com/infocus/1843/3
Nasty - see also
http://www.cs.ucr.edu/~tkarag/papers/BLINC.pdf
> We are safe from that when using darknet ;)
Right, we just look like someone holding ten simultaneous 72-hour Skype
conversations. ;-)
> According to the end of the article, they plan to use size of packets to
> identify the p2p traffic as well ... We are immune to that too as we do
> use random size padding, aren't we ?
Only if everyone else uses random padding with the same statistical
distribution...
There seems to be two approaches we could take:
1) Standardising approach: try to persuade a wide range of P2P and VoIP
projects to use the same encrypted UDP protocol. Lots of effort and
unlikely to succeed, but if it works we can hide among a large amount of
traffic, some of which will be politically awkward to block.
2) Guerrilla approach: keep writing new transport plugins and try to
stay ahead of the filters. The problem is that you know when you've been
filtered, but you don't know when you've been logged.
Cheers,
Michael
More information about the Devl
mailing list