BIT-TRAPS: Building Information-Theoretic Traffic Privacy Into Packet Streams

Abstract

Sniffing encrypted data packets traveling across networks can often be useful in inferring nontrivial information about their contents because of the manner in which the transmission of such packets is handled by lower layers in the communications protocol stack. In this paper, we formally study the side-channel formed by variable packet sizes, and explore obfuscation approaches to prevent information leakage while jointly considering the practical cost of obfuscation. We show that randomized algorithms for obfuscation perform best and can be studied as well-known information-theoretic constructs, such as discrete channels with and without memory. We envision a separate layer called a Bit - Trap, that employs buffering and bit-padding as orthogonal methods for obfuscating such side channels. For streams of packets, we introduce the use of mutual-information rate as an appropriate metric for the level of obfuscation that captures nonlinear relationships between original and modified streams. Using buffering-delay and average bit-padding as the respective costs, a Bit - Trap formulates a constrained optimization problem with bounds on the average costs, to implement the best possible obfuscation policy. We find that combining small amounts of delay and padding together can create much more obfuscation than either approach alone, and that a simple convex trade-off exists between buffering delay and padding for a given level of obfuscation.