[Cryptography] traffic analysis

Richard Outerbridge outer at sympatico.ca
Wed Jan 28 21:47:52 EST 2015


On 2015-01-28 (28), at 17:09:34, dj at deadhat.com wrote:
> 
> 
>> If we have a continually full channel full of fulsome noise, how does the
>> receiver
>> distinguish valid traffic from nothing? Are there false positive & false
>> negative
>> rates at play here? Presumably both would have to be dialled down to be
>> pretty low.
>> 
> 
> With a suitable shared secret at both ends arranged by the key agreement
> of your choice, a pseudorandom sequence can be xored on top of the wire
> and de-xored at the other end (assuming this is compatible with the phy).
> 
> If you have to meet framing on the wire, then you need filler packets and
> you can do something similar within the data fields, with the filler
> packets decoding to "This isn't a real packet" with packet sizes following
> the usual distribution.
> 
> It can be done, it just won't be done by your vendor.

Ah hah! Thus the need of a key indicator of some kind?
__outer



More information about the cryptography mailing list