grarpamp
2015-01-27 23:45:55 UTC
Yeah, but ... who can realistically afford that bandwidth?
One can afford what they wish to give to and thus expect to get fromthe network in return, no more, no less, as always. (Be it literally
from the physical NIC network, or the logical networks created by
their applications riding over and within the physical.)
To every possible recipient? Clearly you have to make a tradeoff.
Full meshing of chaff addressed to all participants seems unnecessary.Is there so much (possibly far less than correct) thought out there
that fill bandwidth is evil, untolerable, unmanageable, and blocking
of usability such that these networks are moot to even try coding
for general deployment?
Google Fiber offers 1Gb/second - but how many customers running all
out will overload any possible backbone behind the single link from the
house to the concentrator?
If everyone starts sending constant cover traffic, links will be quickly
overloaded all over the place. At which point the providers will start
charging [...] nobody will be happy
That's the simple man's kneejerk response when initially contemplatingthat fill bandwidth is evil, untolerable, unmanageable, and blocking
of usability such that these networks are moot to even try coding
for general deployment?
Google Fiber offers 1Gb/second - but how many customers running all
out will overload any possible backbone behind the single link from the
house to the concentrator?
If everyone starts sending constant cover traffic, links will be quickly
overloaded all over the place. At which point the providers will start
charging [...] nobody will be happy
chaffed networks.
There's room to do much better. For one thing, you don't need to saturate your link with cover traffic - you need to send enough cover traffic so that a listener can't tell the difference between cover and real traffic.
This depends on if you're network is a low latency one, or if ituses a store and forward model. Even that is tricky due to
needs to hide the size of data each endpoint exchanges from
passive adversaries. It begins to approach constant higher
rate the more you data wish to pass securely.
If your cover traffic rate equals your average rate over some period of time,
you're not adding more traffic - you're simply replacing some of your cover
messages with real messages. But ... what happens when you have a
peak demand way above your average?
Then you must wait until you can pass your wheat. Or plan youryou're not adding more traffic - you're simply replacing some of your cover
messages with real messages. But ... what happens when you have a
peak demand way above your average?
needs according to the give and get model.
As Stealthmonger has commented concerning anonymity, if you want
security against traffic analysis, you have to accept delays: Set your
cover traffic rate somewhat higher than your average rate, and you'll
*eventually* catch up with peaks (though as with any queueing system,
the delays can grow without bound - requiring unbounded memory
*somewhere*).
Delays (trading latency) are not the only way to achieve security.security against traffic analysis, you have to accept delays: Set your
cover traffic rate somewhat higher than your average rate, and you'll
*eventually* catch up with peaks (though as with any queueing system,
the delays can grow without bound - requiring unbounded memory
*somewhere*).
You may also elect to trade available throughput bandwidth in a
wheat/chaff system.
I'm not aware of any open research on these kinds of questions - though
it may well be out there. What's the optimum cover traffic rate under
various assumptions about the real traffic rate and distribution? When
is it safe to use the traffic other users present as cover for your own?
Clearly if there's only one other user sending traffic, you can't use him
for cover as *he* can tell which of the packets are yours. But is there a
way to mix traffic from multiple users in a way that requires large numbers
of them to conspire to reveal anything? The mixmaster stuff looks at this
specifically from the point of view of a store-and-forward node - is there
some suitable useful analogue on a single link? Can we somehow get
the same guarantees without storage inside the network?
There were some research references posted in the threads below.it may well be out there. What's the optimum cover traffic rate under
various assumptions about the real traffic rate and distribution? When
is it safe to use the traffic other users present as cover for your own?
Clearly if there's only one other user sending traffic, you can't use him
for cover as *he* can tell which of the packets are yours. But is there a
way to mix traffic from multiple users in a way that requires large numbers
of them to conspire to reveal anything? The mixmaster stuff looks at this
specifically from the point of view of a store-and-forward node - is there
some suitable useful analogue on a single link? Can we somehow get
the same guarantees without storage inside the network?
we're now going to have to change our attitudes toward traffic analysis.
Yes, a lot of oppurtunity exists to create new working networksin this area that utilize fill traffic and/or delay.
You may want to review the recent guardian-dev and tor-dev side
threads below on this exact subject of link padding, latency and
analysis. Relavent papers and talk have been posted.
https://lists.mayfirst.org/pipermail/guardian-dev/2014-November/004040.html
https://lists.mayfirst.org/pipermail/guardian-dev/2014-November/004069.html
https://lists.torproject.org/pipermail/tor-dev/2014-November/007741.html
https://lists.torproject.org/pipermail/tor-dev/2014-December/007934.html
https://lists.torproject.org/pipermail/tor-dev/2015-January/008039.html
http://www.metzdowd.com/pipermail/cryptography/2015-January/024479.html
https://lists.torproject.org/pipermail/tor-dev/2015-January/008099.html
[Copied a few places simply to include these ongoing links as
reference for anyone interested.]