English

Maybenot: A Framework for Traffic Analysis Defenses

Cryptography and Security 2024-09-30 v2

Abstract

End-to-end encryption is a powerful tool for protecting the privacy of Internet users. Together with the increasing use of technologies such as Tor, VPNs, and encrypted messaging, it is becoming increasingly difficult for network adversaries to monitor and censor Internet traffic. One remaining avenue for adversaries is traffic analysis: the analysis of patterns in encrypted traffic to infer information about the users and their activities. Recent improvements using deep learning have made traffic analysis attacks more effective than ever before. We present Maybenot, a framework for traffic analysis defenses. Maybenot is designed to be easy to use and integrate into existing end-to-end encrypted protocols. It is implemented in the Rust programming language as a crate (library), together with a simulator to further the development of defenses. Defenses in Maybenot are expressed as probabilistic state machines that schedule actions to inject padding or block outgoing traffic. Maybenot is an evolution from the Tor Circuit Padding Framework by Perry and Kadianakis, designed to support a wide range of protocols and use cases.

Keywords

Cite

@article{arxiv.2304.09510,
  title  = {Maybenot: A Framework for Traffic Analysis Defenses},
  author = {Tobias Pulls and Ethan Witwer},
  journal= {arXiv preprint arXiv:2304.09510},
  year   = {2024}
}

Comments

Version 2 of the Maybenot framework

R2 v1 2026-06-28T10:10:45.738Z