[mnet-devel] What does EGTP do that a PGP message doesn't

Zooko O'Whielacronx zooko at zooko.com
Mon Oct 6 16:16:22 BST 2003


 Art wrote:
>
> I want link encryption.
> 
> "Why?" you ask...
> 
> Because I want to run mnet while on client sites. And I don't want them to
> know what I am running. Sure, if they knew about mnet and were running a
> node they might notice, but if my traffic is unencrypted they definitely
> will.
> 
> I like link encryption.

Good point.  With EGTPv1, they can see that you are running some funny 
protocol that starts with a 0-byte or a 1-byte, followed by a 4-byte length 
and then that many random bytes.  They won't think that you are using 
SSL-protected web sites, but they probably won't guess what you *are* doing 
(until EGTP becomes a lot more popular and sysadmins get modules for their 
sniffer programs that detect it).

There might be other patterns in EGTP messages that are detectable, but there 
isn't any human-readable string sent in cleartext that says "Hi!  I'm a 
subversive emergent network hacker!  See http://sf.net/projects/mnet/.".

On the other hand, the pattern of what ports you listen to and how 
connections get opened and closed will be more useful information, and will 
probably look exactly like a file-sharing app and trigger their "file-sharing-
detector" scripts.

Interesting how traffic analysis is actually used in practice nowadays, not 
because the user is protected by high-tech Chaumian mixes, but because it is 
easier to do traffic analysis than to parse message formats.

--Z
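
The framing described in the message above, written as the kind of sniffer-side check it anticipates. This is an added example, not part of the original message and not Mnet's code. It assumes a big-endian length field, a maximum frame size and an entropy threshold, none of which the post specifies; the sample streams are constructed.

```python
import hashlib
import math
import struct

HEADER = struct.Struct(">BI")  # type byte + 4-byte length; big-endian is an assumption
MAX_FRAME = 1 << 24            # assumed sanity bound, the post gives no maximum


def shannon_entropy(data: bytes) -> float:
    """Bits per byte; close to 8.0 for ciphertext or random data."""
    if not data:
        return 0.0
    counts = [0] * 256
    for b in data:
        counts[b] += 1
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in counts if c)


def looks_like_egtp_v1(stream, min_frames=2, min_entropy=7.0):
    """True if the stream splits into [0|1][length][body] frames with random-looking bodies."""
    offset, frames, bodies = 0, 0, bytearray()
    while len(stream) - offset >= HEADER.size:
        kind, length = HEADER.unpack_from(stream, offset)
        if kind not in (0, 1) or not 0 < length <= MAX_FRAME:
            return False  # framing broken: some other protocol
        end = offset + HEADER.size + length
        if end > len(stream):
            break  # capture ends mid-frame; judge on the complete frames
        bodies += stream[offset + HEADER.size:end]
        offset, frames = end, frames + 1
    return frames >= min_frames and shannon_entropy(bytes(bodies)) >= min_entropy


def sample_body(seed: bytes, n: int) -> bytes:
    """Constructed stand-in for an encrypted payload: SHA-256 in counter mode."""
    blocks = (hashlib.sha256(seed + i.to_bytes(4, "big")).digest() for i in range(n // 32 + 1))
    return b"".join(blocks)[:n]


def frame(kind: int, body: bytes) -> bytes:
    return HEADER.pack(kind, len(body)) + body


# Constructed sample streams (not captured traffic).
SAMPLE_EGTP = frame(0, sample_body(b"a", 700)) + frame(1, sample_body(b"b", 900))
SAMPLE_FRAMED_TEXT = frame(0, b"hello " * 200) + frame(1, b"world " * 200)
SAMPLE_HTTP = b"GET / HTTP/1.1\r\nHost: example.com\r\n\r\n"
```

The check needs no knowledge of keys or message contents: the cleartext framing plus payload entropy is enough to separate the constructed EGTP-style stream from plain HTTP and from framed but unencrypted text.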


