undersea taps

Matthew Pemble matthew at idrach.com
Sun Jun 3 16:52:29 EDT 2001



Eugene.Leitl at lrz.uni-muenchen.de wrote:
> 
> <SNIP>
> 
> Whether they're really tapping them, or not, and by whatever means,
> the sane assumption is that everything that goes out in clear is
> stored for later analysis, if any.
> 

No, the "sane" assumption is that everything that goes out in clear is *
potentially * captured and stored for later analysis.  As previously
discussed, the sheer volumes of data transmitted on the monitorable
networks are so vast that filtering at time of capture is necessary.

Now, this means that you should, from a risk analysis point of view,
assume that it is your sensitive data that is going to trip the filters
- this is the "security by obscurity" versus "security by design"
argument.


> The real issue, of course, is to get strong cryptography deployed
> ubiquitously, so that anything intercepted will require considerable
> resources (whether man in the middle (by no means academic, if you
> control the bulk of the traffic), or breaking a cryptosystem),
> and making mass screening for keywords (such as in this mail --
> welcome to Echelon's database, email is low-bandwidth, and storage
> is cheap these days) impractical.
> 

Many individual emails are low data volume, but I normally get a dozen
or so .5MB to 2MB emails a week, never mind the couple of thousand 5kB
emails.  There are lots of people out there.  Storage is relatively
cheap, true, but accessing that volume is, as anyone who has been
designing backup solutions recently will testify, not keeping up to
speed.



-- 
Matthew Pemble
Eur Ing CEng MIEE MBCS AIMgt

Technical Director
Idrach Ltd

Tel:	+ 44 (0) 7050 128620
Fax:	+ 44 (0) 1324 610367

Email:	matthew at idrach.com
Web:	www.idrach.com



---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at wasabisystems.com




More information about the cryptography mailing list