1

As of a week ago, I now find myself living in one of the more oppressively surveilled states in the world. I do not like this on ideological grounds. Therefore, I will acquire a vpn subscription for my family's traffic online, and will set up a default route for the building to the supplier (probably crpytostorm.is), via a dd-wrt router. Being an honest citizen who does nothing wrong online (and I assume the same for the rest of the house), my "threat model" is minimal, and therefore one might naïvely assume that this would be enough to prevent the Food Standards Agency from looking at my browsing history.

However, I recently read about how private -- or not -- vpns might be; correlation attacks are highly likely to be able to defeat such measures in an internet where essentially everything is logged.

Therefore, I'd like to ask this question: if one were to maximally use your available bandwidth continuously, constantly maintaining an encrypted tunnel to a VPN provider (who we assume now is a good faith actor), would that be sufficient to mitigate significantly against correlation attacks? It seems like that would be a "relatively" trivial (albeit annoying) task for a router to perform: estimate the current/near-term-future available bandwidth, send a large number of, e.g. TCP NOP packets at a rate designed to saturate the connection, and adjust their volume/frequency to not disrupt other data.

I have little doubt that my ISP wouldn't like me actually using the bandwidth I'd paid for, but beyond that, it seems like it would make it at the least marginally harder to perform correlation attacks on an encrypted tunnel. I imagine that the moderately beefy VPN server I'd connect to could silently drop the NOP packets (or equivalent) with a minimal performance hit.

Am I right? This seems like an obvious idea -- what is it usually called? Would this method work to mitigate against correlation attacks? Is there an open-source implementation in, e.g., dd-wrt to perform it?

Landak
  • 111
  • 3
  • So, after a bit of searching, it transpires that this techniques is ordinarily called '*traffic masking*' [1] and is generally regarded as acceptable in military contexts -- but I still have little idea how applicable it is as proposed above ([1] Ferguson & Schneier's _Practical Cryptography_ textbook (Wiley, 2003)) – Landak Dec 05 '16 at 12:25

1 Answers1

1

if one were to maximally use your available bandwidth continuously, constantly maintaining an encrypted tunnel to a VPN provider (who we assume now is a good faith actor), would that be sufficient to mitigate significantly against correlation attacks?

It will be sufficient to get you kicked in short order by either the VPN provider or your Internet provider.

I have little doubt that my ISP wouldn't like me actually using the bandwidth I'd paid for

You guessed it.

I imagine that the moderately beefy VPN server I'd connect to could silently drop the NOP packets (or equivalent) with a minimal performance hit

But it will still affect their bandwidth bill.

This seems like an obvious idea -- what is it usually called?

It is usually called a DoS attack.

Is there an open-source implementation in, e.g., dd-wrt to perform it?

Don't try it, Anakin.

DepressedDaniel
  • 1,240
  • 6
  • 8
  • I don't really get this. I have an unlimited, open-bandwidth plan with an advertised speed. It was my understanding that DOS attacks deliberately try and _maximise_ CPU usage on the target, whereas sending lots of packets that are trivial to route that can be decrypted in a hardware accelerated fashion (e.g. https://wiki.openwrt.org/doc/hardware/cryptographic.hardware.accelerators) is not _necessarily_ malicious. What other ways are there of mitigating correlation attacks? – Landak Dec 04 '16 at 21:39
  • 1
    I disagree with this answer. The OP should carefully read the contact terms, as there may be some provision about "excessive usage", but he should be able to do so (and the ISP may be more than happy that he does that if it is billed separately / at an higher tier). Also, it doesn't fully answer the question on whether that mitigates correlation, as the OP could cap his LAN output to an _acceptable_ bandwidth (eg. 80% of his advertised bandwidth) and maximise his bandwidth usage to that value. – Ángel Dec 04 '16 at 23:43
  • 1
    @Ángel Usually consumer ISP contracts have cop-out clauses that allow the ISP to terminate service just by labeling certain usage as "abuse", etc, in a way that cannot be disputed by the customer. If OP doesn't want to have their connection pulled, they might have to limit bandwidth pretty drastically as it is being used 24/7. Which would make their browser slow to load images and videos. – DepressedDaniel Dec 05 '16 at 00:16