[guardian-dev] Blackphone

Lee Azzarello lee at guardianproject.info
Fri Jan 17 10:20:54 EST 2014

Good morning,

If you have a suggestion to do p2p real time voice without a central
registry to locate end points and not use IP addresses please share that
information! I've been looking for such a system for years now. The design
challenges are far too abstract to make sense of with my understanding of
IP networking.


On Friday, January 17, 2014, Michael Rogers <michael at briarproject.org>

> Hash: SHA1
> On 17/01/14 11:10, Matej Kovacic wrote:
> > Yes, but adversary can see when do you connect to OSTN server to
> > place a call and see who responded to a call. Actually they can
> > only see who is transferring the data and in what amount, but it is
> > enough for correlation. So they can see who is communicating with
> > who.
> Yup, an adversary wiretapping both parties can see that they're
> communicating. But the parties' OSTN servers can see that _without_
> wiretapping them.
> > A solution would be to use OSTN with Tor network (OK, it would not
> > work, but you can use ChatSecure's voice messages), while both
> > parties should also generate some additional fake traffic to Tor
> > network to prevent correlation.
> >
> > In that case you would have encrypted conversation, server
> > administrator cannot see who is communicationg with who (actually,
> > can only see some identity number like number 1000 is calling
> > number 2000, but without real IP addresses), and adversary can only
> > see that you have connected to Tor network and that you are
> > transferring some data.
> >
> > In that case you do not need to trust anyone. Except endpoint
> > devices. :-)
> Sounds like a good solution, as long as the OSTN accounts are
> registered and used always through Tor.
> IIRC, the Tor protocol allows clients to send padding frames to relays
> - - but it doesn't allow clients to ask relays to generate padding. So
> the Tor->Alice direction of the Alice->Tor connection, and the
> Tor->Bob direction of the Tor->Bob connection, could still be
> correlated. And of course, circuit setup and teardown times are quite
> revealing even if the circuits are fully padded.
> Cheers,
> Michael
> Version: GnuPG v1.4.10 (GNU/Linux)
> qiO6lGefks4yQlGL5h50HMc/UJfdtpG3co8swRK8LGylTf7vD6kSgRpsRMUAGMZM
> Zm+hojpfbgGxhz0UA7AY4U63W3XVulDykbqwEV5+Z9jwvxF2kMAhqOl+s+IReMeY
> EwxAoE+kN6F9EsJyJF+u00zHVn+Ak3HfTAUaxgxGSwwxD1djSQs0UOdM5ol4ut5T
> CSMKt2iHblujFv0KcYacKAYnfqeBlNlEgkT3E5NhgO8ndBDNAiVemTX1FTF/RTLh
> tMrubxaPcv68juPgv85UMkfsoBq1OC7NxKCwmYLH9FJ9EVHvzUzMYIBKu4MvtnE=
> =nVk0
> _______________________________________________
> Guardian-dev mailing list
> Post: Guardian-dev at lists.mayfirst.org <javascript:;>
> List info: https://lists.mayfirst.org/mailman/listinfo/guardian-dev
> To Unsubscribe
>         Send email to:  Guardian-dev-unsubscribe at lists.mayfirst.org<javascript:;>
>         Or visit:
> https://lists.mayfirst.org/mailman/options/guardian-dev/lee%40guardianproject.info
> You are subscribed as: lee at guardianproject.info <javascript:;>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.mayfirst.org/pipermail/guardian-dev/attachments/20140117/ed785e77/attachment-0001.html>

More information about the Guardian-dev mailing list