Protecting traffic privacy for massive aggregated traffic

Traffic analysis has definitely shown that encryption is not enough to protect the privacy of communications implemented over packet networks. The very features of packet traffic, like packet lengths statistics, inter-packet times, volumes of exchanged traffic, communication patterns, leak information. Leakage ranges from the kind of application that generates the information flow carried into the supposedly secure connection to parts of its content. We propose traffic masking as a countermeasure. Full confidentiality protection is discussed and the traffic masking framework is introduced and motivated. The optimization and performance assessment of the masking device is evaluated both through a general analytical model, mainly useful to gain basic insight, and by a real network emulation of a distributed secure multiparty computation application, where confidentiality requirements are key to the application itself. It is shown that essentially full confidentiality can be attained for a practical distributed security application by accepting an increase of the traffic volume by a factor 2.4 and an increase of the task completion time of 30%. Hence, (almost) full privacy appears to be more appealing for contexts where delay constraints are more valuable than bandwidth.