← Back to context

Comment by desdiv

11 years ago

I use this example myself quite a bit, although we've also got to figure out the distinguishability from page sizes issue. Different Wikipedia pages are different sizes, and they're still different sizes when they're encrypted.

Both GnuTLS[1] and Nginx[2] have length hiding implemented. But AFAIK OpenSSL doesn't have it yet, so most users are still left in the dark.

[1]http://www.manpagez.com/info/gnutls/gnutls-3.2.10/gnutls_180...

[2]http://nulab-inc.com/blog/nulab/securing-nginx/

1 comment

desdiv

Reply
schoen  11 years ago

Thanks, I didn't realize that process was so far along!

It might still be challenging to get large sides to adopt padding that will increase the amount of traffic they send (of course, the idea of reducing the efficiency of compression has the same net effect). But it's great to know that there's already a tool in place for traffic padding, at least in some implementations.