[dtn-security] Traffic Analysis Protection

<M.Bhutta@surrey.ac.uk> Wed, 12 March 2008 16:03 UTC

Received: from mail82.messagelabs.com (mail82.messagelabs.com [195.245.231.67]) by maillists.intel-research.net (8.13.8/8.13.7) with SMTP id m2CG3FlF031552 for <dtn-security@mailman.dtnrg.org>; Wed, 12 Mar 2008 09:03:15 -0700
X-VirusChecked: Checked
X-Env-Sender: M.Bhutta@surrey.ac.uk
X-Msg-Ref: server-13.tower-82.messagelabs.com!1205338036!63822618!9
X-StarScan-Version: 5.5.12.14.2; banners=-,-,-
X-Originating-IP: [131.227.102.140]
Received: (qmail 14142 invoked from network); 12 Mar 2008 16:07:27 -0000
Received: from ads40.surrey.ac.uk (HELO ads40.surrey.ac.uk) (131.227.102.140) by server-13.tower-82.messagelabs.com with SMTP; 12 Mar 2008 16:07:27 -0000
Received: from EVS-EC1-NODE4.surrey.ac.uk ([131.227.102.139]) by ads40.surrey.ac.uk with Microsoft SMTPSVC(6.0.3790.3959); Wed, 12 Mar 2008 16:06:57 +0000
X-MimeOLE: Produced By Microsoft Exchange V6.5
Content-class: urn:content-classes:message
MIME-Version: 1.0
Content-Type: multipart/alternative; boundary="----_=_NextPart_001_01C8845B.189B6980"
Date: Wed, 12 Mar 2008 16:06:56 -0000
Message-ID: <676D5FD21A8EEC4591C13839BF2A14B9F166D6@EVS-EC1-NODE4.surrey.ac.uk>
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
Thread-Topic: Traffic Analysis Protection
Thread-Index: AciEWxiWFb6hus6WQ2mKuscYFTMMBQ==
From: <M.Bhutta@surrey.ac.uk>
To: <dtn-security@mailman.dtnrg.org>
X-OriginalArrivalTime: 12 Mar 2008 16:06:57.0183 (UTC) FILETIME=[18BA92F0:01C8845B]
Subject: [dtn-security] Traffic Analysis Protection
X-BeenThere: dtn-security@mailman.dtnrg.org
X-Mailman-Version: 2.1.9
Precedence: list
Reply-To: DTN Security Discussion <dtn-security@mailman.dtnrg.org>
List-Id: DTN Security Discussion <dtn-security.mailman.dtnrg.org>
List-Unsubscribe: <http://maillists.intel-research.net/mailman/listinfo/dtn-security>, <mailto:dtn-security-request@mailman.dtnrg.org?subject=unsubscribe>
List-Archive: <http://maillists.intel-research.net/pipermail/dtn-security>
List-Post: <mailto:dtn-security@mailman.dtnrg.org>
List-Help: <mailto:dtn-security-request@mailman.dtnrg.org?subject=help>
List-Subscribe: <http://maillists.intel-research.net/mailman/listinfo/dtn-security>, <mailto:dtn-security-request@mailman.dtnrg.org?subject=subscribe>
X-List-Received-Date: Wed, 12 Mar 2008 16:03:17 -0000

Hello, 
I am working on traffic analysis protection for DTN networks. From the "DTN Security Internet Draft" there are some 
questions about this which I wanted to be discussed on the DTNRG security mailing list. 

1. To what extent there is a real need for a generic scheme for protection against traffic analysis.
2. How to define such generic scheme for delay and disruption tolerant networks and should not consume too much resources like for Sensors.
3. Should Traffic analysis protection be left on underlying network layers than DTN layer. 

To completely stop the traffic analysis, following counter-measures should be taken into account to avoid the traffic analysis:
1. Encryption
2. Masking (sending dummy traffic like encrypted message to show channedl 100% busy)
3. Hiding time and size information of traffic

taking into considerations the above questions and the counter-measures, we can go towards how we should provide such a solution for 
DTN Networks and which counter-measures are realy important for DTN based networks while considering the internet networks and non-internetnetworks like sensor networks and the solution should use less resources as possible. 

best regards
Nasir