Re: [dtn-security] Traffic Analysis Protection

Stephen Farrell <stephen.farrell@cs.tcd.ie> Thu, 13 March 2008 19:46 UTC

M.Bhutta@surrey.ac.uk wrote:
> Hello,
> I am working on traffic analysis protection for DTN networks. From the 
> "DTN Security Internet Draft" there are some
> questions about this which I wanted to be discussed on the DTNRG 
> security mailing list.
> 
> 1. To what extent is there a real need for a generic scheme for 
> protection against traffic analysis?
> 2. How to define such a generic scheme for delay and disruption tolerant 
> networks, one that should not consume too many resources, like for sensors?
> 3. Should traffic analysis protection be left to the underlying network 
> layers rather than the DTN layer?
> 
> To completely stop the traffic analysis, following counter-measures 
> should be taken into account to avoid the traffic analysis:
> 1. Encryption
> 2. Masking (sending dummy traffic like encrypted messages to show the 
> channel 100% busy)

I'd be interested in how you would do that without causing
yourself a DoS, i.e. in what circumstances would fake traffic
be safe?

> 3. Hiding time and size information of traffic

The BP's not that good in this respect, since we can't encrypt
the primary bundle, so you'd probably have to do bundle in
bundle encapsulation. Again, I'd be interested in what you come
up with.
Regards,
Stephen.


> 
> Taking into consideration the above questions and the counter-measures, 
> we can go towards how we should provide such a solution for
> DTN networks and which counter-measures are really important for DTN 
> based networks while considering the internet networks and 
> non-internet networks like sensor networks, and the solution should use 
> as few resources as possible.
> 
> best regards
> Nasir