[Cryptography] traffic analysis -> let's write an RFC?
Ben Laurie
benl at google.com
Thu Jan 29 07:06:54 EST 2015
On 29 January 2015 at 12:01, Jerry Leichter <leichter at lrw.com> wrote:
> On Jan 29, 2015, at 6:03 AM, Ben Laurie <benl at google.com> wrote:
>
> Jerry Leichter wrote:
>> > > Different network designs can also help. If you own the link and
>> both of
>> > > its ends, it costs you exactly the same to send continuous random
>> bits as
>> > > to leave the line idle.
>>
>> Ben Laurie wrote:
>> > Yeah, but ... who can realistically afford that bandwidth?
>>
>> Your employer Google can - it owns the fibers among its data centers
>> (and many other fibers, I believe). Clearly, Jerry's remark ("If you
>> own the link") was addressed to link-level encryption.
>>
>
> Clearly the idea was you design your network so that you do own the link.
> Which brings me back to my question (even Google cannot afford that much
> network, I suspect).
>
> No. The idea was to examine possible approaches. Someone, after all,
> *does* own the link; if that someone wishes to prevent traffic analysis,
> they have an easy approach available to them.
>
As you point out below, not if the traffic is switched on a shared link.
> Using packet-switching on shared links has had enormous cost benefits -
> it's what made the Internet possible. But as we're discovering, it's also
> had very unfortunate side-effects on security and privacy. The issue now
> is how to mitigate the effects without losing the benefits. Encryption at
> multiple layers in the stack is part of the solution, but is insufficient
> on its on to protect against traffic analysis. We need new ideas here.
> -- Jerry
>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.metzdowd.com/pipermail/cryptography/attachments/20150129/22669eda/attachment.html>
More information about the cryptography
mailing list