Yes, the system is vulnerable to client enumeration if there are few facilitators and proxies. If there are many facilitators and proxies, then the adversary needs to discover facilitators, constantly poll them, and compete with legitimate proxies to learn client IPs.
They won't discover every facilitator and cannot poll too aggressively without detection, but will certainly learn some client IPs. This may or may not be an acceptable risk. As the authors discussed, the adversary can already conduct traffic analysis, so it might be no worse than the status quo. On Thu, Jan 3, 2013 at 5:57 PM, Daniel Colascione <dan...@dancol.org> wrote: > I'm extremely worried by the client enumeration problem. Nothing > could paint a brighter target on dissidents. Normalization is no > defense here, since it applies to any scheme for circumventing a > censorship system.
-- Unsubscribe, change to digest, or change password at: https://mailman.stanford.edu/mailman/listinfo/liberationtech