Website fingerprinting attacks enable an adversary to infer which website a victim is visiting, even if the victim uses an encrypting proxy, such as Tor. Previous work has shown that all proposed defenses against website fingerprinting attacks are ineffective. This paper advances the study of website fingerprinting attacks and defenses in two ways. The authors develop bounds on the trade-off between security and bandwidth overhead that any fingerprinting defense scheme can achieve. This enables the user to compare schemes with different security/overhead trade-offs by comparing how close they are to the lower bound.