[Cryptography] Whether Henry Spencer's key-leak would be detected

Jonathan Thornburg jthorn at astro.indiana.edu
Tue Dec 31 03:05:40 EST 2013


Jerry Leichter wrote:
> If one in 65K packets were undecodable, someone would notice very
> quickly.  Some users don't monitor the quality of their network
> connections, but many do. There's no way this could masquerade as bit
> errors on the underlying connection:  The undetected (by lower-level
> hardware/code) error rate is in the 1 in billions range.

John Gilmore replied:
> I tend to disagree.
> 
> Back in 1983 on the Sun engineering Ethernet, we discovered that a
> significant fraction of the packets were failing the CRC checks in
> their Ethernet chips -- more than twice the "1 in billions" fraction
> suggested in the Ethernet specs.
> 
> We never ran down why.  [[...]]
[[...]]
> What's the CRC error rate on *your* local Ethernet?  How does it compare
> to the IP checksum failure rate?  The TCP checksum failure rate?  When
> is the last time you looked?

I suspect things are much *worse* for long-haul networks, and even
worse for VPNs routed over the public internet.  If (say) 'ping' sees
1% of packets lost between Tokyo and Tehran, there are a lot of hops
involved, and a lot of different players who would need to be contacted
to pin down where the packets are being 'lost'.

-- 
-- "Jonathan Thornburg [remove -animal to reply]" <jthorn at astro.indiana-zebra.edu>
   Dept of Astronomy & IUCSS, Indiana University, Bloomington, Indiana, USA
   "There was of course no way of knowing whether you were being watched
    at any given moment.  How often, or on what system, the Thought Police
    plugged in on any individual wire was guesswork.  It was even conceivable
    that they watched everybody all the time."  -- George Orwell, "1984"
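
Added example (not part of the original post or thread): one way to answer the questions quoted above on a Linux host, by turning the kernel's counters into per-layer failure rates and comparing each with the 1-in-65K figure. The sample counter values are constructed, the function names are hypothetical, and treating Ip InHdrErrors as an upper bound on IP checksum failures is an assumption.

```python
from pathlib import Path

LEAK_RATE = 1 / 65536  # the "one in 65K packets" figure quoted in the thread

# Constructed, abbreviated sample in /proc/net/snmp layout (header line, value line).
SAMPLE_SNMP = """\
Ip: Forwarding DefaultTTL InReceives InHdrErrors InAddrErrors
Ip: 2 64 40000000 80 0
Tcp: RtoAlgorithm InSegs OutSegs RetransSegs InErrs OutRsts InCsumErrors
Tcp: 1 30000000 29000000 150000 12 40 6
"""
# Constructed NIC counters, named as in /sys/class/net/<if>/statistics/.
SAMPLE_NIC = {"rx_packets": 49997500, "rx_crc_errors": 2500}


def parse_snmp(text):
    """Pair each header line with the value line that follows it."""
    rows = [ln.split() for ln in text.splitlines() if ln.strip()]
    tables = {}
    for names, values in zip(rows[0::2], rows[1::2]):
        if names[0] != values[0] or len(names) != len(values):
            raise ValueError("header/value mismatch near %r" % names[0])
        tables[names[0].rstrip(":")] = dict(zip(names[1:], map(int, values[1:])))
    return tables


def read_nic(ifname):
    """Read the live receive counters for one interface from sysfs."""
    base = Path("/sys/class/net") / ifname / "statistics"
    return {k: int((base / k).read_text()) for k in ("rx_packets", "rx_crc_errors")}


def rates(snmp, nic):
    """Failures per received unit at the Ethernet, IP and TCP layers."""
    ip, tcp = snmp["Ip"], snmp["Tcp"]
    # rx_packets counts good frames only, so add the CRC failures back in.
    frames = nic["rx_packets"] + nic["rx_crc_errors"]
    return {
        "ethernet_crc": nic["rx_crc_errors"] / max(frames, 1),
        # InHdrErrors covers every bad IP header: an upper bound (assumption).
        "ip_header": ip["InHdrErrors"] / max(ip["InReceives"], 1),
        # Older kernels do not report InCsumErrors; treat it as 0 there.
        "tcp_checksum": tcp.get("InCsumErrors", 0) / max(tcp["InSegs"], 1),
    }


def leak_rate_stands_out(background):
    """True when the background rate is below 1 in 65536."""
    return background < LEAK_RATE
```

For live numbers, pass Path("/proc/net/snmp").read_text() to parse_snmp() and the result of read_nic() for your interface to rates(). With the constructed sample, the Ethernet CRC rate (5e-5) is already above 1/65536, while the IP and TCP rates are below it.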

