1998-04-15 - Re: Paradoxical bandwidth ‘law’ with anonymizing systems?

Header Data

From: Illuminatus Primus <vermont@gate.net>
To: David Honig <honig@alum.mit.edu>
Message Hash: 7d4a2bf6c4a4c4b701494125d088fec6e9373a21977e6897635d456ccab9e70f
Message ID: <Pine.LNX.3.96.980415141940.2023F-100000@oto.gate.net>
Reply To: <3.0.5.32.19980415090629.007b1530@otc.net>
UTC Datetime: 1998-04-15 18:51:03 UTC
Raw Date: Wed, 15 Apr 1998 11:51:03 -0700 (PDT)

Raw message

From: Illuminatus Primus <vermont@gate.net>
Date: Wed, 15 Apr 1998 11:51:03 -0700 (PDT)
To: David Honig <honig@alum.mit.edu>
Subject: Re: Paradoxical bandwidth 'law' with anonymizing systems?
In-Reply-To: <3.0.5.32.19980415090629.007b1530@otc.net>
Message-ID: <Pine.LNX.3.96.980415141940.2023F-100000@oto.gate.net>
MIME-Version: 1.0
Content-Type: text/plain


Another way to defeat traffic analysis is to maintain a constant stream of
traffic between servers, some of which is noise.. Only someone with the
decryption key would be able to determine which is noise and which is
signal (hopefully).  Pipenet's description involved this constant stream.. 
It may have been one of the resource-consuming aspects that the designers
of onion routing wanted to get rid of.

I have been thinking of anonymous packet resenders recently, and one of
the problems that confronted me was that regardless of how much encrypted
traffic goes between the resender systems, an organization with enough
resources could watch for "unknown" incoming connections at each of the
known resenders and match that with the outgoing connection if there
aren't too many people connected.. The organization could even force some
type of DOS on the incoming connections until the outgoing connection also
dropped (revealing the sender's identity), although I suppose the outgoing
packets could continue to be sent by the resenders in the case of a
dropped connection.  Putting the right stuff in the packets would be
difficult, though. 

To make it more difficult for such an organization to discover a sender's
identity, I thought that if anonymous connections could not be depended on
to be numerous enough, the entry points to the resender system could also
maintain popular web/ftp/mail sites which accepted requests with hidden
packet transmission requests.  Of course, this would make packet
sending/receiving very expensive, and the increased traffic coming from
one IP and destined to mostly anonymous resenders might make it stand out
from the regular connections.. but the identity tracker's job has been
made harder (since he must analyze large amounts of incoming traffic), and
the entry points to the resender system can be said to receive mostly
"innocent" data.

Any comments/ideas?

On Wed, 15 Apr 1998, David Honig wrote:

> 
> I was reading a paper on Onion routing,  and the following occurred to me:
> The FEWER people using the system, the SLOWER the system can react.
> 







Thread