point to a paper that might help (cb26a7244) - tor-webwml.git

volunteer.html

@@ -227,14 +227,16 @@ href="http://freehaven.net/anonbib/#timing-fc2004">defensive dropping</a>,
 or we could add traffic delays. How much of an impact do these have,
 and how much usability impact (using some suitable metric) is there from
 a successful defense in each case?</li>
-<li>The "end-to-end traffic confirmation attack": by watching traffic at
-Alice and at Bob, we can compare traffic signatures and become convinced
-that we're watching the same stream. So far Tor accepts this as a fact
-of life and assumes this attack is trivial in all cases. First of all,
-is that actually true? How much traffic of what sort of distribution is
-needed before the adversary is confident he has won? Are there scenarios
-(e.g. not transmitting much) that slow down the attack? Do some traffic
-padding or traffic shaping schemes work better than others?</li>
+<li>The "end-to-end traffic confirmation attack":
+by watching traffic at Alice and at Bob, we can <a
+href="http://freehaven.net/anonbib/#danezis:pet2004">compare
+traffic signatures and become convinced that we're watching the same
+stream</a>. So far Tor accepts this as a fact of life and assumes this
+attack is trivial in all cases. First of all, is that actually true? How
+much traffic of what sort of distribution is needed before the adversary
+is confident he has won? Are there scenarios (e.g. not transmitting much)
+that slow down the attack? Do some traffic padding or traffic shaping
+schemes work better than others?</li>
 <li>The "routing zones attack": most of the literature thinks of
 the network path between Alice and her entry node (and between the
 exit node and Bob) as a single link on some graph. In practice,


...	...	@@ -227,14 +227,16 @@ href="http://freehaven.net/anonbib/#timing-fc2004">defensive dropping</a>,
227	227	or we could add traffic delays. How much of an impact do these have,
228	228	and how much usability impact (using some suitable metric) is there from
229	229	a successful defense in each case?</li>
230		-<li>The "end-to-end traffic confirmation attack": by watching traffic at
231		-Alice and at Bob, we can compare traffic signatures and become convinced
232		-that we're watching the same stream. So far Tor accepts this as a fact
233		-of life and assumes this attack is trivial in all cases. First of all,
234		-is that actually true? How much traffic of what sort of distribution is
235		-needed before the adversary is confident he has won? Are there scenarios
236		-(e.g. not transmitting much) that slow down the attack? Do some traffic
237		-padding or traffic shaping schemes work better than others?</li>
	230	+<li>The "end-to-end traffic confirmation attack":
	231	+by watching traffic at Alice and at Bob, we can <a
	232	+href="http://freehaven.net/anonbib/#danezis:pet2004">compare
	233	+traffic signatures and become convinced that we're watching the same
	234	+stream</a>. So far Tor accepts this as a fact of life and assumes this
	235	+attack is trivial in all cases. First of all, is that actually true? How
	236	+much traffic of what sort of distribution is needed before the adversary
	237	+is confident he has won? Are there scenarios (e.g. not transmitting much)
	238	+that slow down the attack? Do some traffic padding or traffic shaping
	239	+schemes work better than others?</li>
238	240	<li>The "routing zones attack": most of the literature thinks of
239	241	the network path between Alice and her entry node (and between the
240	242	exit node and Bob) as a single link on some graph. In practice,
241	243