traffic analysis

[David Wagner]

John S. Denker wrote:
>More specifically, anybody who thinks the scheme
>I described is vulnerable to a timing attack isn't
>paying attention.  I addressed this point several
>times in my original note.  All transmissions
>adhere to a schedule -- independent of the amount,
>timing, meaning, and other characteristics of the
>payload.

Are you sure you understood the attack?  The attack assumes that
communications links are insecure.  The *transmission* from Alice may
adhere to a fixed schedule, but that doesn't prevent the attacker from
introducing delays into the packets after transmission.

For instance, suppose I want to find out who is viewing my web site.
I have a hunch that Alice is visiting my web site right this instant,
and I want to test that hunch.  I delay Alice's outgoing packets, and I
check whether the incoming traffic to my web contains matching delays.
If so, it's a good bet that Alice has a connection open to my site.

---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com