[Cryptography] traffic analysis -> let's write an RFC?

Bill Stewart billstewart at pobox.com
Wed Jan 28 02:39:18 EST 2015


At 03:13 PM 1/27/2015, John Gilmore wrote:
>If you merely encrypt transport layer packets (IP packets), as in
>IPsec, their destinations are visible.  So you have to do link
>level encryption to prevent traffic analysis.
>
>I think it's significant that there is no RFC standard for encrypted
>link-level traffic, either with or without with dummy traffic, and no
>free software implementation either.  We on this list could do a lot
>to improve that situation.

PPTP sort of counts as what you're asking for,
except for the part about it being hopelessly broken.
Things I've seen in the field have generally been more like
GRE-over-IPSEC or maybe L2TP-over-IPSEC.



More information about the cryptography mailing list