В Thu, 18 Jun 2015 00:51:08 -0400 Roger Dingledine <a...@mit.edu>: > It makes sense that if you think solving the problem is easy, you > wonder why Tor hasn't solved it. > > But even full scale padding, ignoring the practical side of how to > get a Tor network that can afford to waste so much bandwidth, doesn't > provide protection in the face of active attacks where you induce a > gap on one side and then observe the gap on the other side. And it > might even be the case that these gaps happen naturally by > themselves, due to network congestion and so on, so maybe passive > observers will be winners even against a design that does full > padding.
And splitting and merging of encrypted TCP packets at random positions are possible solution, with addition random number (several tens max) of random bytes to each packet? Or this has already realized in pluggable transports but I don't know? As I understand, attacks of this type based on comparing of logs/dumps at both ends of TOR chain: user's local ISP and distant server (may be with specially created trapping web site). Even if content of these packets can't be decrypted, comparing of number, lenghts and times of packets make it possible to establish the fact of connection. Even user had been loading several pages from different sites simultaneously, its possible to evolve packets by its lengths because each TOR node in chain decrease lenght of packet by fixed number of bytes when decrypting a layer. Isn't it? Alan Hiew -- tor-talk mailing list - tor-talk@lists.torproject.org To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk