On 2013-08-20, at 3:31 PM, Fabio Pietrosanti (naif) wrote:
> Hi all,
>
> at GlobaLeaks we are going to implement a feature that wants to
> mitigate time correlation attacks between a Whistleblower submitting
> something and a Receiver, receiving a notification that there's a new
> leak outstanding
Hi Fabio,
It seems to me that there are two fundamental problems to solve if you
want to disguise the correlation between a node's inputs (submissions,
comments and edits) and its outputs (notifications).
The first problem is disguising the correlati
On 21 August 2013 08:35, Fabio Pietrosanti (naif) wrote:
> Hey Peter,
>
> thanks for your analysis!
>
No worries
>
>
> I think we need to provide some additional input!
>
> In the context of GlobaLeaks where, starting from our Threat Model at
> https://docs.google.com/document/d/1niYFyEar1FUmSt
On 21 August 2013 03:35, Fabio Pietrosanti (naif) wrote:
> Hey Peter,
>
> thanks for your analysis!
>
> I think we need to provide some additional input!
>
> In the context of GlobaLeaks where, starting from our Threat Model at
> https://docs.google.com/document/d/1niYFyEar1FUmStC03OidYAIfVJf18ErU
Dear Fabio,
On 21. Aug 2013, at 09:35 AM, "Fabio Pietrosanti (naif)"
wrote:
> Which kind of logic / algorithm to apply on the Receiver's notification
> timing in order to prevent / reduce the likelihood that a time correlation
> pattern is possible?
>
> A random delay between a lower boundary
Hey Peter,
thanks for your analysis!
I think we need to provide some additional input!
In the context of GlobaLeaks where, starting from our Threat Model at
https://docs.google.com/document/d/1niYFyEar1FUmStC03OidYAIfVJf18ErUFwSWCmWBhcA/pub
, the Whistleblower can also be NON anonymous but approa
Hi Fabio,
While I don't mean to be dismissive, I suspect your threat model is flawed
for the following reasons:
i. Most mid to large companies would not permit the use of Tor within their
infrastructure and even if the hypothetical company did, it doesn't take a
whole lot of effort to track down
Hi all,
at GlobaLeaks we are going to implement a feature that wants to mitigate
time correlation attacks between a Whistleblower submitting something
and a Receiver, receiving a notification that there's a new leak
outstanding to be accessed.
We already had an internal discussion and received some