wiki:TfcProject

Traffic Flow Confidentiality Project

Traffic Flow Confidentiality (TFC) mechanisms are techniques devised to hide/masquerade the traffic pattern to prevent (statistical) traffic analysis attacks. Their inclusion in widespread security protocols, in conjunction with the ability for deployers to flexibly control their operation, might boost their adoption and improve privacy of future networks. The TFC protocol is integrated, as a security protocol, in the IPsec security architecture. A Linux-based implementation has been developed, supporting a variety of per-packet treatments (padding, fragmentation, dummy packet generation, and artificial alteration of the packet forwarding delay), in an easily combinable manner. Source code and related tools are available in our repository.

To check out the source code (please note, this is huge, containing the whole linux kernel and wireshark sources), do:

svn co http://minerva.netgroup.uniroma2.it/svn/discreet/tfcproject

For compilation instructions, see:

http://minerva.netgroup.uniroma2.it/svn/discreet/tfcproject/trunk/README

For information, please contact:

kiraly [at] disi [dot] unitn [dot] it

Patches to specific Kernel Versions

To see the latest patch (for Linux 2.6.23.12), do

svn diff -r 815:820 http://minerva.netgroup.uniroma2.it/svn/discreet/tfcproject/trunk/linux-2.6.23.12-TFC > tfc.patch

Note: since we are testing with UML virtual machines, our sources, and therefore the patch contains the SKAS3 patch as well. If you don't like that, get this other patch that does not include SKAS3

svn diff -r 819:820 http://minerva.netgroup.uniroma2.it/svn/discreet/tfcproject/trunk/linux-2.6.23.12-TFC > tfc.patch

To see older patch for Linux 2.6.20.7, do

svn diff -r 215:HEAD http://minerva.netgroup.uniroma2.it/svn/discreet/tfcproject/trunk/linux-2.6.20.7-TFC > tfc.patch

Note: this is for kernel 2.6.20.7 . Recently, we have made some steps to reduce the number of changes in the base XFRM code, so it might work with other versions as well

Note: since we are testing with UML virtual machines, our sources, and therefore the patch contains the SKAS3 patch as well. If you don't like that, you can easily delete reated lines from the patch file

some tutorials we have generated during development

Last modified 9 years ago Last modified on Mar 6, 2008, 6:20:15 PM

Attachments (1)

Download all attachments as: .zip