F2F UDP mesh net prototype proof of concept
Punk - Stasi 2.0
punks at tfwno.gf
Tue Oct 22 17:54:49 PDT 2019
https://www.freehaven.net/anonbib/cache/back01.pdf
This attack reveals what seems to be a fallacy in theoretical definitions of security.
For example, in [28], the authors state that if links are padded or bandwidth is limited
to a constant rate, one can ignore passive eavesdroppers8. This is technically correct if
a passive eavesdropper is defined as someone who cannot access the network as a reg-
ular user and compute timings on the network (which is implied by the definition used
in most theoretical work). However this attack model is not very interesting and defi-
nitely misleading. The latency attack pointed out above and the next attack we present
demonstrate that if an attacker can simply compute timings (which is as passive as one
can expect an attacker to be in practice), or use the system, link padding or bandwidth
limiting links to a constant rate does not protect the system against easy traffic analysis
attacks.
More information about the cypherpunks
mailing list