[Cryptography] Dark Web should really be called the Twilight Web

Phillip Hallam-Baker phill at hallambaker.com
Thu May 28 15:13:35 EDT 2015

On Thu, May 28, 2015 at 1:26 AM, grarpamp <grarpamp at gmail.com> wrote:

> On Wed, May 27, 2015 at 11:08 PM, Phillip Hallam-Baker
> <phill at hallambaker.com> wrote:
> For whatever part of your threat models above includes global passive
> adversary watching the input and output points of your network
> of choice and lining up traffic observations... there is little defense
> to be taken other than filling your unused capacity with fill traffic.
> No network to date appears to be developing or using that defense.
> There have been threads on that within the last year, and even one on
> making such background fill a part of IEEE for fiber and copper physical
> links.

Fill is very expensive at the network layer but (almost) trivially cheap at
the link layer. The cost comes in having to think about how much data is
disclosed in the link layer framing. This is not necessarily a performance
issue but can certainly be an architectural constraint.

If a non-fill switch has no load, a packet is going to appear on one port
and be routed to the destination immediately. That provides a tell for the
path taken by that packet.

If the switch has link layer fill so that every link is encrypted and
exchanges garbage during quiet time, a packet arriving in the situation
above will either end up queued behind a junk frame or require the junk
frame to be aborted in some fashion.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.metzdowd.com/pipermail/cryptography/attachments/20150528/d8c8758f/attachment.html>

More information about the cryptography mailing list