1997-10-02 - Traffic Analysis and Cover Traffic (fwd)

Header Data

From: Jim Choate <ravage@ssz.com>
To: cypherpunks@ssz.com (Cypherpunks Distributed Remailer)
Message Hash: 555fdef56a7d21bf97fa9bdde94a82d25fb27780e8a6bbb0802d369387a9b306
Message ID: <199710020120.UAA23468@einstein.ssz.com>
Reply To: N/A
UTC Datetime: 1997-10-02 01:17:38 UTC
Raw Date: Thu, 2 Oct 1997 09:17:38 +0800

Raw message

From: Jim Choate <ravage@ssz.com>
Date: Thu, 2 Oct 1997 09:17:38 +0800
To: cypherpunks@ssz.com (Cypherpunks Distributed Remailer)
Subject: Traffic Analysis and Cover Traffic (fwd)
Message-ID: <199710020120.UAA23468@einstein.ssz.com>
MIME-Version: 1.0
Content-Type: text



Forwarded message:

> Date: Wed, 1 Oct 1997 09:33:13 -0700
> From: Tim May <tcmay@got.net>
> Subject: Traffic Analysis and Cover Traffic

> As I understand your example above, the sender becomes less identifiable
> because he can always be counted on to send some packets; an attacker
> cannot see a message after a long period of no messages and correlate it to
> a similar sudden increase of activity at a possible recipient machine.
> 
> Traffic analysis is something you should look at. And think about.

This holds if it is a one-time occurance. If Mallet is looking at the
traffic over a very long time it is completely reasonable to expect some
correlation to become clear.

To address the example another presented about some book example of burst
analysis. Look at real-world examples such as the underground in France in
WWII. They would generate a single message on a known frequency at a
specific time. Thus interested parties could dial-in and get the info but
would not provide the Nazi's with sufficient traffic or time to get a
bearing. The revolutionaries in the book are amateurs and deserve what they
get since it is clear they are incompentent and by extension not fit to run
a country. Anyone with a clue will use times single instance transmissions
and if available burst or SS transmitters to reduce the transmission time
even more.

With current technology like full-time satellite surveillance and
transmitter characteristic analysis anything more than a single burst
transmission with the radio from a random location will provide sufficient
traffic to get a fix. You should also throw the transmitter away or change
the drivers in the finals after each use as characteristic analysis will
provide Mallet with the means to track the transmitter and thereby apply
traffic analysis (just like they use in some cell systems).



    ____________________________________________________________________
   |                                                                    |
   |    The financial policy of the welfare state requires that there   |
   |    be no way for the owners of wealth to protect themselves.       |
   |                                                                    |
   |                                       -Alan Greenspan-             |
   |                                                                    | 
   |            _____                             The Armadillo Group   |
   |         ,::////;::-.                           Austin, Tx. USA     |
   |        /:'///// ``::>/|/                     http:// www.ssz.com/  |
   |      .',  ||||    `/( e\                                           |
   |  -====~~mm-'`-```-mm --'-                         Jim Choate       |
   |                                                 ravage@ssz.com     |
   |                                                  512-451-7087      |
   |____________________________________________________________________|






Thread