Re: [dtn-security] Re(2): Traffic Analysis Protection

Rajesh Krishnan <krash@bbn.com> Thu, 13 March 2008 21:04 UTC

Received: from mx11.bbn.com (mx11.bbn.com [128.33.0.80]) by maillists.intel-research.net (8.13.8/8.13.7) with ESMTP id m2DL3x7h005634 for <dtn-security@mailman.dtnrg.org>; Thu, 13 Mar 2008 14:04:00 -0700
Received: from z.bbn.com ([128.89.80.54]) by mx11.bbn.com with esmtp (Exim 4.60) (envelope-from <krash@bbn.com>) id 1JZufC-0000Cc-3L for dtn-security@mailman.dtnrg.org; Thu, 13 Mar 2008 17:08:34 -0400
From: Rajesh Krishnan <krash@bbn.com>
To: DTN Security Discussion <dtn-security@mailman.dtnrg.org>
In-Reply-To: <20080313201414.439710226@127.0.0.1>
References: <676D5FD21A8EEC4591C13839BF2A14B9F166D6@EVS-EC1-NODE4.surrey.ac.uk> <47D98561.901@cs.tcd.ie> <20080313201414.439710226@127.0.0.1>
Content-Type: text/plain
Organization: BBN Technologies
Date: Thu, 13 Mar 2008 17:08:33 -0400
Message-Id: <1205442513.7198.78.camel@z>
Mime-Version: 1.0
X-Mailer: Evolution 2.10.1
Content-Transfer-Encoding: 7bit
Subject: Re: [dtn-security] Re(2): Traffic Analysis Protection
X-BeenThere: dtn-security@mailman.dtnrg.org
X-Mailman-Version: 2.1.9
Precedence: list
Reply-To: krash@bbn.com, DTN Security Discussion <dtn-security@mailman.dtnrg.org>
List-Id: DTN Security Discussion <dtn-security.mailman.dtnrg.org>
List-Unsubscribe: <http://maillists.intel-research.net/mailman/listinfo/dtn-security>, <mailto:dtn-security-request@mailman.dtnrg.org?subject=unsubscribe>
List-Archive: <http://maillists.intel-research.net/pipermail/dtn-security>
List-Post: <mailto:dtn-security@mailman.dtnrg.org>
List-Help: <mailto:dtn-security-request@mailman.dtnrg.org?subject=help>
List-Subscribe: <http://maillists.intel-research.net/mailman/listinfo/dtn-security>, <mailto:dtn-security-request@mailman.dtnrg.org?subject=subscribe>
X-List-Received-Date: Thu, 13 Mar 2008 21:04:01 -0000

Hi Peter,

> As you say, bundle-in-bundle encapsulation is a solution but ... you
> have to have *some* addressing *somewhere*.  

Agreed that this is typically true. Here is a fun thought though.

As a corner case, in small lightly-loaded networks, we could encrypt
messages with no "addresses" and share them epidemically or via other
addressless routing means.  If a node is able to decrypt it, then it is
for a specific endpoint on that node.  Otherwise it just passes it
along.  Extreme case of late binding.

The BP requires the source endpoint ID to be present to create a unique
ID.  By using a common source endpoint ID and by allocating the bundle
sequence space among nodes (doable in lightly loaded, small networks) we
could go "address-less".

Best Regards,
Rajesh
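The "address-less" delivery sketched above, written out as an added example (this is not code from the thread or from any DTN implementation). It assumes a common source endpoint ID, a disjoint bundle-sequence range allocated to each node, one symmetric key per local endpoint, and a toy encrypt-then-MAC construction built from HMAC-SHA256 so that the block runs with the Python standard library only; a real deployment would use a proper AEAD. A node learns that a bundle is for one of its endpoints only by a successful authentication-tag check under that endpoint's key; otherwise it relays the bundle epidemically. Node names, key sizes and the `dtn://anon-source` EID are constructed placeholders.

```python
import hashlib
import hmac
import secrets
from collections import deque
from dataclasses import dataclass
from typing import Optional

# Constructed placeholder: every node stamps the same source EID on its
# bundles, so (source_eid, sequence) is unique only because sequence ranges
# are pre-allocated per node, as the message proposes.
COMMON_SOURCE_EID = "dtn://anon-source"
NONCE_LEN, TAG_LEN = 16, 32


def _keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    # Toy counter-mode keystream from HMAC-SHA256 (stdlib only, not for production).
    out, counter = bytearray(), 0
    while len(out) < length:
        out += hmac.new(key, nonce + counter.to_bytes(4, "big"), hashlib.sha256).digest()
        counter += 1
    return bytes(out[:length])


def seal(key: bytes, plaintext: bytes) -> bytes:
    """Encrypt-then-MAC: returns nonce || ciphertext || tag."""
    nonce = secrets.token_bytes(NONCE_LEN)
    ct = bytes(a ^ b for a, b in zip(plaintext, _keystream(key, nonce, len(plaintext))))
    return nonce + ct + hmac.new(key, nonce + ct, hashlib.sha256).digest()


def open_sealed(key: bytes, blob: bytes) -> Optional[bytes]:
    """Plaintext if the tag verifies under `key`, else None.
    The tag check is the only signal a node gets about whether a bundle is for it,
    and it is checked before any decryption work is done."""
    if len(blob) < NONCE_LEN + TAG_LEN:
        return None
    nonce, ct, tag = blob[:NONCE_LEN], blob[NONCE_LEN:-TAG_LEN], blob[-TAG_LEN:]
    if not hmac.compare_digest(tag, hmac.new(key, nonce + ct, hashlib.sha256).digest()):
        return None
    return bytes(a ^ b for a, b in zip(ct, _keystream(key, nonce, len(ct))))


@dataclass(frozen=True)
class Bundle:
    source_eid: str   # identical on every bundle in the network
    sequence: int     # drawn from the creating node's allocated range
    payload: bytes    # sealed for one endpoint; there is no destination field

    @property
    def bundle_id(self):
        return (self.source_eid, self.sequence)


class Node:
    def __init__(self, name, seq_range, endpoint_keys):
        self.name = name
        self._next_seq, self._seq_end = seq_range   # [start, end) allocated to this node
        self.endpoint_keys = endpoint_keys          # local endpoint name -> key
        self.seen = set()                           # bundle IDs already handled
        self.delivered = []                         # (endpoint, plaintext)

    def create(self, dest_key: bytes, message: bytes) -> Bundle:
        if self._next_seq >= self._seq_end:
            raise RuntimeError("allocated sequence range exhausted")
        seq, self._next_seq = self._next_seq, self._next_seq + 1
        return Bundle(COMMON_SOURCE_EID, seq, seal(dest_key, message))

    def receive(self, bundle: Bundle) -> bool:
        """Trial-decrypt for each local endpoint; return True if the bundle
        should be relayed onward (i.e. it was not for this node)."""
        if bundle.bundle_id in self.seen:
            return False
        self.seen.add(bundle.bundle_id)
        for endpoint, key in self.endpoint_keys.items():
            pt = open_sealed(key, bundle.payload)
            if pt is not None:
                self.delivered.append((endpoint, pt))
                return False   # delivered locally, as the message describes
        return True


def epidemic_flood(nodes, links, origin, bundle):
    """Breadth-first epidemic spread over undirected `links` between node names."""
    neighbours = {n: set() for n in nodes}
    for a, b in links:
        neighbours[a].add(b)
        neighbours[b].add(a)
    nodes[origin].seen.add(bundle.bundle_id)
    queue = deque([origin])
    while queue:
        here = queue.popleft()
        for nxt in neighbours[here]:
            if nodes[nxt].receive(bundle):
                queue.append(nxt)


def demo():
    # Constructed three-node chain A - B - C; A sends to C's endpoint "c0".
    key_c = secrets.token_bytes(32)
    nodes = {
        "A": Node("A", (0, 1000), {"a0": secrets.token_bytes(32)}),
        "B": Node("B", (1000, 2000), {"b0": secrets.token_bytes(32)}),
        "C": Node("C", (2000, 3000), {"c0": key_c}),
    }
    bundle = nodes["A"].create(key_c, b"hello c0")
    epidemic_flood(nodes, [("A", "B"), ("B", "C")], "A", bundle)
    return nodes, bundle
```

Two properties worth checking on the output of `demo()`: the relay B ends up with nothing delivered and cannot tell from the bundle who it was for, and bundles created by different nodes never collide because their sequence numbers come from disjoint ranges. The cost is that every node performs one tag check per local endpoint for every bundle it sees, which is why the message limits this to small, lightly loaded networks. Note also that stopping the flood at the recipient, as coded here, lets an observer of forwarding behaviour infer who the recipient was; continuing to relay after delivery is the natural variant if that inference is in the threat model.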