Mike Perry commited on 2008-03-13 04:45:15
Zeige 1 geänderte Dateien mit 15 Einfügungen und 0 Löschungen.
... | ... |
@@ -949,6 +949,21 @@ much traffic of what sort of distribution is needed before the adversary |
949 | 949 |
is confident he has won? Are there scenarios (e.g. not transmitting much) |
950 | 950 |
that slow down the attack? Do some traffic padding or traffic shaping |
951 | 951 |
schemes work better than others?</li> |
952 |
+<li>A related question is: Does running a relay/bridge provide additional |
|
953 |
+protection against these timing attacks? Can an external adversary that can't |
|
954 |
+see inside TLS links still recognize individual streams reliably? |
|
955 |
+Does the amount of traffic carried degrade this ability any? What if the |
|
956 |
+client-relay deliberately delayed upstream relayed traffic to create a queue |
|
957 |
+that could be used to mimic timings of client downstream traffic to make it |
|
958 |
+look like it was also relayed? This same queue could also be used for masking |
|
959 |
+timings in client upstream traffic with the techniques from <a |
|
960 |
+href="http://www.freehaven.net/anonbib/#ShWa-Timing06">adaptive padding</a>, |
|
961 |
+but without the need for additional traffic. Would such an interleaving of |
|
962 |
+client upstream traffic obscure timings for external adversaries? Would the |
|
963 |
+strategies need to be adjusted for asymmetric links? For example, on |
|
964 |
+asymmetric links, is it actually possible to differentiate client traffic from |
|
965 |
+natural bursts due to their asymmetric capacity? Or is it easier than |
|
966 |
+symmetric links for some other reason?</li> |
|
952 | 967 |
<li>The "routing zones attack": most of the literature thinks of |
953 | 968 |
the network path between Alice and her entry node (and between the |
954 | 969 |
exit node and Bob) as a single link on some graph. In practice, |
955 | 970 |