Server can guess Directory Tree

[roeslpa]

By watching a user browsing its directories the server provider can guess the directory tree. Thus it can guess which downloader downloads a share and which one only downloads to fake traffic.
Do we accept this or do we try to implement download obfuscation (e.g., by always downloading all meta files at once)?

[roeslpa]

@cburkert and @schulze what do you think?

[roeslpa]

At least as long as we only provide readable shares, downloading all meta data (or only the updated) at once should be sufficient to hide who is in possession of the keys.
If writeable shares are written to the creator's prefix by adapting the write policies, user relations are revealed by design. If every user writes modifications on its own prefix there might be solutions to hide the relations as well.

For now I propose to always download all meta data at once. To keep data live synced with the server, we could establish a "last update time file", which is always updated at a modification. This could be unencrypted, since write actions can be observed anyway. By polling this file, the download of meta files in case of new data on the server could be triggered. The same result would be achieved by using a "write log file", but more data would be stored instead of more data being downloaded.