Stephane Bortzmeyer stephane at sources.org
Tue Mar 9 07:48:31 GMT 2021
- - - - - - - - - - - - - - - - - - -
On Mon, Mar 08, 2021 at 09:59:53PM +0000, Phil Leblanc <philanc at gmail.com> wrote a message of 64 lines which said:
Now Nathan looks at Alice's encrypted traffic with Bob's
server. Just looking at the response sizes, Nathan knows what
file(s) Alice has accessed and their content (collected during the
indexing phase). No crypto, no MITM involved.
This attack is well known and, for HTTP, documented in manyarticles. A general view of the problem and of countermeasures is"Peek-a-Boo, I Still See You: Why Efficient Traffic AnalysisCountermeasures Fail"<https://cise.ufl.edu/~teshrim/tmAnotherLook.pdf>.
What countermeasures could we propose? I can think of a few more or
less practical approaches::
4. The client could obfuscate the traffic with many gratuitousrequests. See the excellent book "Obfuscation"<https://mitpress.mit.edu/books/obfuscation>.