lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <20030822232248.GA44526@lightship.internal.homeport.org>
From: adam at homeport.org (Adam Shostack)
Subject: JAP back doored

On Fri, Aug 22, 2003 at 06:28:26PM +0200, Rainer Gerhards wrote:
| > There is no exponential term in MIX traffic.  That means that if you
| > try to ensure that all traffic leaves the network quickly (so you can
| > say, web browse), then your attacker only needs to analyze traffic
| > over a few seconds, and that's easy.
| > 
| > Simple attacks work really well on real time mix chains of any length
| > that TCP timeouts are likely to allow.
| 
| I haven't looked at the actual protocol used by JAP, just followed the
| postings here. But if they re-route traffic through the mixes *quickly*
| it may be hard to trace who is an actual user, but it is definitely
| possible. In the Dresden-Dresden case it is really so easy that it is
| (again) laughable at what the Germany police is trying over here. They
| could obtain what the want by "just" running some traffic analysis.
| Sure, that would be more expensive, but it would have had the benefit of
| not beeing publically discussed.
| 
| Bottom line: a real analyzer must randomly *delay* in- and outgoing
| traffic. In high-volume environments a few (milli) seconds may do. If
| JAP does this, then it (was) fine. If it didn't, it wasn't any secure in
| the first place...

Random delay doesn't do what you think.  The arguments against it are
a little complex for me to summarize, but see the proceedings of the
Privacy Enhancing Technologies workshops.  In particular, the
"Generalizing Mixes" paper by Claudia Diaz and Andreii Serjanatov is
just about the latest thinking on how to build MIX networks.

http://www.esat.kuleuven.ac.be/~cdiaz/DS03.ps.gz
http://petworkshop.org/2003/program.html



-- 
"It is seldom that liberty of any kind is lost all at once."
					               -Hume



Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ