traffic analysis

kent at kent at
Fri Aug 29 14:05:47 EDT 2003

On Thu, Aug 28, 2003 at 08:06:07AM -0400, John S. Denker wrote:
> The solution I outlined is modelled after
> procedures that governments have used for decades
> to defend against traffic analysis threats to
> their embassies and overseas military bases.
> More specifically, anybody who thinks the scheme
> I described is vulnerable to a timing attack isn't
> paying attention.  I addressed this point several
> times in my original note.  All transmissions
> adhere to a schedule -- independent of the amount,
> timing, meaning, and other characteristics of the
> payload.

Different models.  You state in your previous note that it is important
that all the endpoints be trusted.  Traffic between military bases,
embassies etc all involve trusted endpoints.  A public website is
intrinsically not a trusted endpoint. 

Moreover, addition of "cover browsing" by the hub to random websites
doesn't add any significant protection if the goal is to provide
real-time access. 

Kent Crispin                               "Be good, and you will be
crispin at,kent at         lonesome."
p: +1 310 823 9358  f: +1 310 823 8649               -- Mark Twain

The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at

More information about the cryptography mailing list