Traffic Analysis

Traffic analysis is the interception of messages in order to deduce patterns in communication. It is one of the reasons why proxy servers exist: proxy servers work towards maintaining anonymity with regard to information flow. If servers are being designed to counter traffic analysis, why does the practice still exist? Even encrypted messages can be examined using traffic analysis. It is a helpful tool for military intelligence. Some of the methods used to enhance traffic flow security are using codress messages (changing the source and destination addresses), changing radio callsigns, sending dummy traffic, and sending encrypted signals.

Some of the methods devised to counter traffic analysis are:
1 Link Encryption
2 End-to-end Encryption

Link Encryption means that every vulnerable communication link is encrypted at both ends of the link, which makes communication over the link secure. But the message must be decrypted at the packet switches, which makes the message vulnerable at those points. Multiple keys therefore need to be distributed to the nodes, one key per pair of nodes.

End-to-end Encryption is carried out in two-way systems. The sender and the receiver share a key to encrypt and decrypt a message. Network switches and links are secured in this manner. But only the data is encrypted in this method; the header is left in the clear, and most traffic is examined using the headers.

Link Encryption                   | End-to-end Encryption
----------------------------------+------------------------------------------
Source message is exposed         | Source message is encrypted
Message exposed at the nodes      | Message encrypted at the nodes
Message transparent to the user   | Message encrypted by the user
Encryption maintained by host     | Algorithm determined by the user
Can be performed on hardware      | Software implementation needed
Encryption of all or no messages  | User decides whether to encrypt a message

Different kinds of information can be found using traffic analysis:
1 Frequency of communication
2 Identity of the people who communicate
3 Pattern of messages
4 Length of messages
5 Messages in a covert channel

Link Encryption ensures that the packet headers are encrypted, and the traffic can be padded to further strengthen the security. With End-to-end Encryption, null messages can be sent in a random manner and all messages can be padded to uniform lengths.
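To make the list of observable information and the padding countermeasure concrete, the following added example (not part of the original page) measures what an observer learns from cleartext headers and message lengths of end-to-end encrypted traffic, before and after padding. The records are constructed sample data, and the function names and the 512- and 1500-byte block sizes are assumptions chosen for illustration.

```python
import math
from collections import Counter

# Constructed sample (not real traffic): what an observer records from
# end-to-end encrypted messages whose headers are in the clear.
# Fields: (time_s, src, dst, ciphertext_len_bytes)
RECORDS = [
    (0, "A", "B", 120), (5, "A", "B", 1480), (9, "B", "A", 64),
    (14, "A", "C", 120), (20, "A", "B", 1480), (31, "C", "A", 512),
    (33, "A", "B", 64), (47, "B", "A", 1480),
]

def pair_frequency(records):
    """Messages per (src, dst): identity and frequency of communication."""
    return Counter((src, dst) for _, src, dst, _ in records)

def length_entropy(records):
    """Shannon entropy in bits of the observed message lengths.
    0.0 means every message looks the same size to the observer."""
    counts = Counter(length for *_, length in records)
    n = sum(counts.values())
    return sum(c / n * math.log2(n / c) for c in counts.values())

def pad(records, block):
    """Round each length up to the next multiple of `block` bytes."""
    return [(t, s, d, block * math.ceil(length / block))
            for t, s, d, length in records]

def overhead(records, padded):
    """Bytes sent after padding divided by bytes sent before."""
    return sum(r[3] for r in padded) / sum(r[3] for r in records)

if __name__ == "__main__":
    for label, recs in [("unpadded", RECORDS),
                        ("512-byte blocks", pad(RECORDS, 512)),
                        ("uniform 1500", pad(RECORDS, 1500))]:
        print(f"{label:16} entropy={length_entropy(recs):.3f} bits "
              f"overhead={overhead(RECORDS, recs):.2f}x "
              f"pairs={dict(pair_frequency(recs))}")
```

Padding to one uniform length removes the length signal at the cost of more than doubling the bytes sent in this sample, while the per-pair message counts are unchanged because the headers remain readable.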