Check out RFC 6562. It turns out ABR codecs leak out a lot of information, to the point that if one does really strong encryption on the packets... one can figure out what is being said based on packet size and timing alone.
The demo from UNC is pretty impressive. On Dec 12, 2012, at 3:45 PM, Dean Willis wrote: > > On Dec 11, 2012, at 8:47 PM, Scott Brim <[email protected]> wrote: > >> Encrypting content only provides privacy of the content. It doesn't protect >> your traffic behavior, who you communicate with, from where etc. DPI can >> sniff out a lot of this kind of information. >> > > Absolutely true. Correspondent IP addresses and ports, packet sizes, and > packet timing say a lot too. > > Things like Tor help with correspondent addresses and ports. And protocols > can be designed to provide some randomization of packet size and timing. For > example, RTP could have variation in the number of samples per packet, and > use some filler bits for additional randomization. > > These are all well within the capacity of the IETF to influence. > > -- > Dean > > _______________________________________________ > ietf-privacy mailing list > [email protected] > https://www.ietf.org/mailman/listinfo/ietf-privacy _______________________________________________ ietf-privacy mailing list [email protected] https://www.ietf.org/mailman/listinfo/ietf-privacy
