Traffic Analysis References
Steven M. Bellovin
smb at cs.columbia.edu
Mon Oct 23 20:12:00 EDT 2006
On Mon, 23 Oct 2006 11:43:17 +0200, George Danezis
<george.danezis at esat.kuleuven.be> wrote:
> Hi Leandro,
>
> I am compiling a review paper on traffic analysis as well as a talk.
> They can be found here:
>
> http://homes.esat.kuleuven.be/~gdanezis/TAIntro.pdf
> http://homes.esat.kuleuven.be/~gdanezis/talks/TAIntro-prez.pdf
>
> These will soon be expanded (by January) since they are going to be
> presented as a talk to the CCC (Berlin) as well as a book chapter.
>
> If anyone with material on the subject can give me more pointers I would
> be most grateful.
>
Very nice summary. I'd add a few things.
First, on a topical note, Hewlett-Packard obtained call records of various
people, including members of its own board and reporters for major
publications. In other words, there's a private sector threat. Second,
in many cases the beauty of traffic analysis is that it can be done after
the fact. Phone companies don't keep recordings of all conversations;
they do keep billing data.
In a legal vein, in some jurisdictions (i.e., the U.S.) traffic analysis
warrants are *much* easier to obtain than wiretaps. Philosophically, the
distinction is because traffic analysis data (and in particular telephone
calling records) is information that was voluntarily given to a third
party, the phone company. There is thus no expectation of privacy.
Again, this is U.S. law; your jurisdiction's law may vary.
Finally, you should cite the Zendian problem, since it's a classic
published training exercise.
--Steven M. Bellovin, http://www.cs.columbia.edu/~smb
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
More information about the cryptography
mailing list