<html><head><meta http-equiv="Content-Type" content="text/html charset=us-ascii"></head><body style="word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line-break: after-white-space;">On Jan 29, 2015, at 6:03 AM, Ben Laurie <<a href="mailto:benl@google.com">benl@google.com</a>> wrote:<div><blockquote type="cite"><div dir="ltr"><div class="gmail_extra"><div class="gmail_quote"><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div id=":5r4" class="a3s" style="overflow:hidden">Jerry Leichter wrote:<br>
> > Different network designs can also help. If you own the link and both of<br>
> > its ends, it costs you exactly the same to send continuous random bits as<br>
> > to leave the line idle.<br>
<br>
Ben Laurie wrote:<br>
> Yeah, but ... who can realistically afford that bandwidth?<br>
<br>
Your employer Google can - it owns the fibers among its data centers<br>
(and many other fibers, I believe). Clearly, Jerry's remark ("If you<br>
own the link") was addressed to link-level encryption.<br></div></blockquote></div><br>Clearly the idea was you design your network so that you do own the link. Which brings me back to my question (even Google cannot afford that much network, I suspect).</div></div>
</blockquote>No. The idea was to examine possible approaches. Someone, after all, *does* own the link; if that someone wishes to prevent traffic analysis, they have an easy approach available to them.</div><div><br></div><div>Using packet-switching on shared links has had enormous cost benefits - it's what made the Internet possible. But as we're discovering, it's also had very unfortunate side-effects on security and privacy. The issue now is how to mitigate the effects without losing the benefits. Encryption at multiple layers in the stack is part of the solution, but is insufficient on its on to protect against traffic analysis. We need new ideas here.</div><div><div> -- Jerry</div><div><br></div></div><br></body></html>