[Cryptography] traffic analysis -> let's write an RFC?

grarpamp grarpamp at gmail.com
Fri Jan 30 22:45:28 EST 2015


Et al wrote:
> Google can - it owns the fibers among its data centers
> (and many other fibers, I believe).  Clearly, Jerry's remark ("If you
> own the link") was addressed to link-level encryption.

: Clearly the idea was you design your network so that you do own the link.
: Which brings me back to my question (even Google cannot afford that
: much network, I suspect).

> Using packet-switching on shared links has had enormous cost benefits - it's
> what made the Internet possible.  But as we're discovering, it's also had
> very unfortunate side-effects on security and privacy.  The issue now is how

Not sure there is a difference between packet and circuit switching
in the adversary sense? i.e.: How often are you (as a consumer, not
a tier-1/2 operator) out buying lateral circuits/SLAs along the 3rd, 4th
and further outward rings to reach your destination on the other side...
as opposed to cheaply buying all your access through one provider
and defaulting straight through to the core. Diversifying around a
central problem is expensive, in particular when the problem has
partnered and extended its reach ever closer to the ring you reside
on. So even if you were buying, you'd still be subject.

Strict circuit switching research seems dead with lingering analogs
in POTS, ATM, X.25 and MPLS. And the lack of strict source routing
is a trust issue with all of them as with anything you don't own and
monitor (if that was the meaning of the unsaid circuit reference). If
there was a difference, decades-old research would need to be
rebooted and complete redeployment. Not going to happen.

Virtual circuits are alive and well though. Even with some research
and use of source routing, as in Tor and similar networks today
that maintain some list/DHT of available nodes.

