[Cryptography] traffic analysis -> let's write an RFC?

Ben Laurie benl at google.com
Thu Jan 29 07:06:54 EST 2015

On 29 January 2015 at 12:01, Jerry Leichter <leichter at lrw.com> wrote:

> On Jan 29, 2015, at 6:03 AM, Ben Laurie <benl at google.com> wrote:
> Jerry Leichter wrote:
>> > > Different network designs can also help.  If you own the link and
>> both of
>> > > its ends, it costs you exactly the same to send continuous random
>> bits as
>> > > to leave the line idle.
>> Ben Laurie wrote:
>> > Yeah, but ... who can realistically afford that bandwidth?
>> Your employer Google can - it owns the fibers among its data centers
>> (and many other fibers, I believe).  Clearly, Jerry's remark ("If you
>> own the link") was addressed to link-level encryption.
> Clearly the idea was you design your network so that you do own the link.
> Which brings me back to my question (even Google cannot afford that much
> network, I suspect).
> No.  The idea was to examine possible approaches.  Someone, after all,
> *does* own the link; if that someone wishes to prevent traffic analysis,
> they have an easy approach available to them.

As you point out below, not if the traffic is switched on a shared link.

> Using packet-switching on shared links has had enormous cost benefits -
> it's what made the Internet possible.  But as we're discovering, it's also
> had very unfortunate side-effects on security and privacy.  The issue now
> is how to mitigate the effects without losing the benefits.  Encryption at
> multiple layers in the stack is part of the solution, but is insufficient
> on its on to protect against traffic analysis.  We need new ideas here.
>                                                         -- Jerry
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.metzdowd.com/pipermail/cryptography/attachments/20150129/22669eda/attachment.html>

More information about the cryptography mailing list