An Efficient Web Traffic Defence Against Timing-Analysis Attacks

Abstract

We introduce a new class of lower overhead tunnel that is resistant to traffic analysis. The tunnel opportunistically reduces the number of dummy packets transmitted during busy times when many flows are simultaneously active while maintaining well-defined privacy properties. We find that the dummy packet overhead is typically less than 20% on lightly loaded links and falls to zero as the traffic load increases i.e. the tunnel is capacity-achieving. The additional latency incurred is less than 100ms. We build an experimental prototype of the tunnel and carry out an extensive performance evaluation that demonstrates its effectiveness under a range of network conditions and real web page fetches.