On Mon, Aug 10, 2020 at 11:49 PM Christian Huitema <huit...@huitema.net> wrote:
> Defeating fingerprinting is really hard. It has been tried in the past, as > in "make me look like Skype" or "make me look like wikipedia". The idea is > to build a target model, then inject enough noise and padding in your > traffic to match the target model. But that way easier to say than to do! > Some of the techniques do attempt something like that. For example: "Wright et al. [wright2009traffic] developed traffic morphing, which pads packets in such a way so as to make the sequence from one page have characteristics of another (non-monitored or benign) page. This technique requires application-specific knowledge about benign pages and is therefore best implemented outside of the transport layer." What I couldn't figure out is how much the cited training mechanisms rely on the ClientHello message. I haven't found a source that mentioned this outside of "packet size and timing", but I haven't read them all. thanks, Rob
_______________________________________________ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls
