[cryptography] Preventing Time Correlation Attacks on Leaks: Help! :-)

2013-08-20 Thread Fabio Pietrosanti (naif)
Hi all, at GlobaLeaks we are going to implement a feature that want to mitigate time correlation attacks between a Whistleblower submitting something and a Receiver, receiving a notification that there's a new leak outstanding to be accessed. We already had a internal discussion and received some

Re: [cryptography] Preventing Time Correlation Attacks on Leaks: Help! :-)

2013-08-20 Thread Peter Maxwell
Hi Fabio, While I don't mean to be dismissive, I suspect your threat model is flawed for the following reasons: i. Most mid to large companies would not permit the use of Tor within their infrastructure and even if the hypothetical company did, it doesn't take a whole lot of effort to track down

Re: [cryptography] Preventing Time Correlation Attacks on Leaks: Help! :-)

2013-08-21 Thread Fabio Pietrosanti (naif)
Hey Peter, thanks for your analysis! I think we need to provide some additional input! In the context of GlobaLeaks where, stating from our Threat Model at https://docs.google.com/document/d/1niYFyEar1FUmStC03OidYAIfVJf18ErUFwSWCmWBhcA/pub , the Whistleblower can also be NON anonymous but approa

Re: [cryptography] Preventing Time Correlation Attacks on Leaks: Help! :-)

2013-08-21 Thread Sebastian Schinzel
Dear Fabio, On 21. Aug 2013, at 09:35 AM, "Fabio Pietrosanti (naif)" wrote: > Which kind of logic / algorithm to apply on the Receiver's notification > timing in order to prevent / reduce the likelihood that a time correlation > pattern is possible? > > A random delay between a lower bounday

Re: [cryptography] Preventing Time Correlation Attacks on Leaks: Help! :-)

2013-08-21 Thread Ben Laurie
On 21 August 2013 03:35, Fabio Pietrosanti (naif) wrote: > Hey Peter, > > thanks for your analysis! > > I think we need to provide some additional input! > > In the context of GlobaLeaks where, stating from our Threat Model at > https://docs.google.com/document/d/1niYFyEar1FUmStC03OidYAIfVJf18ErU

Re: [cryptography] Preventing Time Correlation Attacks on Leaks: Help! :-)

2013-08-21 Thread Peter Maxwell
On 21 August 2013 08:35, Fabio Pietrosanti (naif) wrote: > Hey Peter, > > thanks for your analysis! > No worries > > > I think we need to provide some additional input! > > In the context of GlobaLeaks where, stating from our Threat Model at > https://docs.google.com/document/d/1niYFyEar1FUmSt

Re: [cryptography] Preventing Time Correlation Attacks on Leaks: Help! :-)

2013-08-21 Thread Michael Rogers
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Hi Fabio, It seems to me that there are two fundamental problems to solve if you want to disguise the correlation between a node's inputs (submissions, comments and edits) and its outputs (notifications). The first problem is disguising the correlati

Re: [cryptography] Preventing Time Correlation Attacks on Leaks: Help! :-)

2013-08-25 Thread Mansour Moufid
On 2013-08-20, at 3:31 PM, Fabio Pietrosanti (naif) wrote: > Hi all, > > at GlobaLeaks we are going to implement a feature that want to > mitigate time correlation attacks between a Whistleblower submitting > something and a Receiver, receiving a notification that there's a new > leak outstanding