On 2013-08-20, at 3:31 PM, Fabio Pietrosanti (naif) wrote:

> Hi all,
>
> at GlobaLeaks we are going to implement a feature that wants to
> mitigate time correlation attacks between a Whistleblower submitting
> something and a Receiver, receiving a notification that there's a new
> leak outstanding to be accessed.
>
> We already had an internal discussion and received some valuable
> suggestions and comments available here
> https://github.com/globaleaks/GlobaLeaks/issues/264 .
>
> However being the argument possibly tricky, we would like to subject
> to suggestion, criticism and review the proposal.

This draft avoids the most common mistakes in this context. First is to defend against a specific attack rather than time correlation attacks in general. Second is to conflate padding and timing; some padding schemes may defeat some weak timing attacks but the two problems are distinct; you should defend against both, independently.

If I understand correctly the communication channel is one-way, that is, submissions are into a drop box. In this case it's possible to defend against time correlation effectively with random delays. For a uniform distribution, pick a (min, max) pair; for a Gaussian distribution, pick a large variance.

It seems to me you are on the right track. Best of luck.
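
A sketch of the random-delay approach described in the reply above, added here as an illustration; it is not GlobaLeaks code and not from either author. The function names, the constructed timestamps and the redraw of negative Gaussian samples are assumptions.

```python
import random

_rng = random.SystemRandom()  # OS CSPRNG, so delays are not predictable from a seed

def uniform_delay(min_s, max_s):
    """Delay in seconds drawn uniformly from the (min, max) pair."""
    if not 0 <= min_s < max_s:
        raise ValueError("need 0 <= min_s < max_s")
    return _rng.uniform(min_s, max_s)

def gaussian_delay(mean_s, sigma_s):
    """Gaussian delay in seconds; negative draws are redrawn (assumption:
    a notification can never precede its submission)."""
    if sigma_s <= 0:
        raise ValueError("sigma_s must be positive")
    while True:
        d = _rng.normalvariate(mean_s, sigma_s)
        if d >= 0:
            return d

def candidate_submissions(notify_t, submit_ts, min_s, max_s):
    """Submissions an observer who knows (min, max) cannot rule out as the
    cause of a notification seen at notify_t."""
    return [t for t in submit_ts if notify_t - max_s <= t <= notify_t - min_s]

# Constructed sample: submission times (seconds) seen on the node, and one
# notification observed at t=4200.
SUBMISSIONS = [0, 600, 1500, 4000, 7000]
NOTIFY_T = 4200

def demo():
    """Compare the candidate set under a narrow and a wide delay window."""
    narrow = candidate_submissions(NOTIFY_T, SUBMISSIONS, 60, 300)
    wide = candidate_submissions(NOTIFY_T, SUBMISSIONS, 60, 3600)
    return narrow, wide

if __name__ == "__main__":
    narrow, wide = demo()
    print("window 60-300s  ->", narrow)
    print("window 60-3600s ->", wide)
```

With the narrow window only one submission matches the notification; with the wide window three do, at the cost of the Receiver being notified later.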