[Cryptography] traffic analysis
outer at sympatico.ca
Wed Jan 28 21:47:52 EST 2015
On 2015-01-28 (28), at 17:09:34, dj at deadhat.com wrote:
>> If we have a continually full channel full of fulsome noise, how does the
>> distinguish valid traffic from nothing? Are there false positive & false
>> rates at play here? Presumably both would have to be dialled down to be
>> pretty low.
> With a suitable shared secret at both ends arranged by the key agreement
> of your choice, a pseudorandom sequence can be xored on top of the wire
> and de-xored at the other end (assuming this is compatible with the phy).
> If you have to meet framing on the wire, then you need filler packets and
> you can do something similar within the data fields, with the filler
> packets decoding to "This isn't a real packet" with packet sizes following
> the usual distribution.
> It can be done, it just won't be done by your vendor.
Ah hah! Thus the need of a key indicator of some kind?
More information about the cryptography