Mid-Latency [Re: Is three hops enough? (was Re: Tor client over a SOCKS proxy, and Tor client running through another Tor Circuit)]
nickm at freehaven.net
Fri Apr 28 22:19:57 UTC 2006
[Fixed topposting so conversation can flow.]
On Fri, Apr 28, 2006 at 03:05:44PM -0700, Ringo Kamens wrote:
> On 4/28/06, Nick Mathewson <nickm at freehaven.net> wrote:
> >I'd like to register a small objection: while (absent countermeasures)
> >correlation attacks work, it remains to be proven whether or not you
> >can improve security significantly while adding only a small,
> >tolerable, amount of padding and delay.
> Here's an example where cover traffic is good. If somebody has access to
> servers and is trying to correlate users to traffic, and some users have
> cover traffic then those users will ALWAYS show up as the users who are
> using traffic at the same time and thus it is harder to track them down.
I think you misread me; I didn't say, "cover traffic never helps." I
said, "nobody knows whether a little bit of cover traffic helps much."
This defense you describe (usually called "constant-rate padding")
works if the users in question are always sending at the same rate and
at the same pattern. But this means that if they *ever* want, say, a
10kpbs download, they must *constantly* generate 10kpbs worth of
traffic, which is quite expensive for the network to deal with.
Also, if their computers sometimes crash, they're in trouble, since
they're not "always on" any more: see
Now, it is *possible* that there is a system like this where you can
get good effects with just a little big of extra cover traffic. It is
also possible, however, that there isn't one. Nobody has done the
experimentation and analysis to prove either way.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Size: 654 bytes
Desc: not available
More information about the tor-talk