On 4 September 2013 20:09, josef.winger@email.de wrote:
Now node B does not stream the data to node C, but obfuscates it. That means if there are n packages it transforms them into m packages in some unpredictable way and each new packages gets a small amount of additional random-data. (The point is that the new stream will not look at all like the old one)
Only node B nows the way to de-obfuscate this. But B and C did a handshake and using this encryption B shares with C how to de-obfuscate the data.
Node A sends 40KB of data to Node B, in some particular distribution. Node B sends 60KB of data (a 50% increase!) in a new distribution to Node C. Node C sends 40 KB of traffic to whereever.
An adversary watching Node B knows that it is passing the data from A to C. It's obvious. Now, it's _less_ obvious when Node B is receiving two streams of data, 40KB from Node A and 50KB from Node X, and sending two streams of 60KB to Nodes Y and Z (which stream went where?) - but that only holds up for really small streams. For longer lived streams in a low latency network where the packet sizes and frequency of the Node A->B and X->B streams diverge, the B->Y and B->Z streams will likewise diverge, and it's then easy to correlate them again.
-tom