QuantumGate Noise
Peers on the QuantumGate network may exchange messages containing useless random data. These special messages are called "noise", and they serve the purpose of:
- padding the message transport to hide the length of useful data being sent
- cover (or dummy) traffic to hide when exactly useful data is being sent and with what frequency.
The combined purpose of noise is altering the signature of the traffic in order to make traffic analysis more difficult. Combined with relays, traffic analysis becomes an even greater challenge.
Depending on the configuration, QuantumGate can send noise randomly during a given interval, and if the interval is small enough, completely saturate all the available bandwidth with noise. In all cases, actual data takes priority over noise whenever it is available to transmit.
Also depending on the configuration, even the signature of the initial handshake can be significantly altered, making it difficult to determine when the handshake begins and ends. For example, with a MaxHandshakeDelay of 120 seconds, upon establishing the (TCP/IP, UDP, etc.) connection, QuantumGate will wait a random number of seconds every time (for a total of 120 max.) before actually sending handshake data. In the meantime, many noise messages may be exchanged, giving eavesdroppers the impression that the handshake may have been initiated and completed and that actual communication has already begun, while this isn't actually the case. In addition, the frequency and amount of data being exchanged during each handshake will also differ, altering the signature of the handshake and traffic.
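The two behaviours described above (saturating noise with real data taking priority, and the randomly delayed handshake) can be seen in a small simulation. This is an added example, not QuantumGate code: Simulate, ObserverView, the one-second send slots and the 512-byte padding block are all assumptions made for illustration.

```cpp
// Added toy model, not QuantumGate code; every name here is hypothetical.
#include <cstddef>
#include <deque>
#include <random>
#include <utility>
#include <vector>

struct Frame { int slot; std::size_t wire_bytes; bool noise; };

// Simulates one connection as a series of one-second send slots.
// Assumptions: frames are padded to a multiple of `block`; real data is
// queued from the start but may only leave once the delayed handshake ran.
std::vector<Frame> Simulate(int slots, int max_handshake_delay, double noise_prob,
                            std::size_t block, std::deque<std::size_t> real,
                            unsigned seed) {
    std::mt19937 rng(seed);
    std::uniform_int_distribution<int> delay(0, max_handshake_delay);
    std::bernoulli_distribution send_noise(noise_prob);
    const int handshake_slot = delay(rng);  // random wait before handshake data
    std::vector<Frame> out;
    for (int t = 0; t < slots; ++t) {
        if (t >= handshake_slot && !real.empty()) {
            // Real data always wins the slot over noise.
            const std::size_t padded = (real.front() + block - 1) / block * block;
            real.pop_front();
            out.push_back({t, padded, false});
        } else if (send_noise(rng)) {
            out.push_back({t, block, true});  // dummy frame of random bytes
        }
    }
    return out;
}

// What a passive observer can record: timing and size, never the noise flag.
std::vector<std::pair<int, std::size_t>> ObserverView(const std::vector<Frame>& f) {
    std::vector<std::pair<int, std::size_t>> v;
    for (const auto& x : f) v.emplace_back(x.slot, x.wire_bytes);
    return v;
}

int main() {
    // Constructed sample: same link, idle vs. carrying three small messages.
    const auto idle = ObserverView(Simulate(300, 120, 1.0, 512, {}, 7));
    const auto busy = ObserverView(Simulate(300, 120, 1.0, 512, {40, 500, 200}, 7));
    return idle == busy ? 0 : 1;  // saturating noise: traces are identical
}
```

With noise_prob lowered toward 0 the real frames start to stand out in the trace, which is the bandwidth-versus-cover trade-off the security levels tune.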
QuantumGate provides 5 Security Levels (from One to Five), each with their own specific noise configurations that increase in aggressiveness, where Five is the most aggressive. At the lowest level (One) noise is disabled.
When building your own applications using the QuantumGate library and API, you can choose to enable or disable noise via the SetSecurityLevel member function of the local instance. It's also possible to set a Custom security level and provide your own Security Parameters, tweaking the amount of noise being sent. You may also change these settings at any time while the local instance is running depending on your needs.
Noise adds processing and bandwidth overhead, so it's important to keep this in mind and make the appropriate trade-offs depending on your situation and needs. With regard to the bandwidth overhead, instead of wasting much of it on noise, it might be better, depending on the situation, to let the local instance serve as a relay for other peers to generate useful traffic that can also serve as cover traffic.