[Cryptography] nytimes.com switches to https

Peter Gutmann pgut001 at cs.auckland.ac.nz
Wed Jan 11 18:19:03 EST 2017


Christian Huitema <huitema at huitema.net> writes:

>The good news is that the use of message length as a side channel is now
>widely understood. TLS 1.3 supports message padding.

SSLv3 supported message padding.  It was just as ineffective then as it will
be in TLS 1.3, see e.g. "Peek-a-Boo, I Still See You: Why Efficient Traffic
Analysis Countermeasures Fail" by Dyer et al.  tl;dr version: To be truly
effective, the amount of overhead required in terms of dummy traffic and noise
is impractical, as much as 400%.  Since the goal of TLS 1.3 is to make content
delivery by Google et al as efficient as possible, they're not going to negate
all that again just to defeat traffic analysis.

Peter.
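
The tradeoff discussed in the message above, as an added example that is not part of the original post: this Python sketch pads each TLS record up to a block multiple, checks which pages an observer can still tell apart by total bytes on the wire, and then computes the overhead of padding every page to the largest one. The page names and sizes are constructed, and matching on total size is a simplified stand-in for the classifiers evaluated by Dyer et al.

```python
import math

# Constructed sample: response sizes in bytes for four hypothetical pages
# (illustrative values, not measurements of any real site).
PAGES = {
    "home":    [14200, 8100, 52000, 3100],
    "article": [14200, 8100, 181000, 3100, 960],
    "login":   [6100, 900],
    "search":  [14200, 22000, 3100],
}
RECORD = 16384  # maximum TLS plaintext record size (2^14 bytes)


def records(size, pad_to):
    """Split one response into records, each padded up to a multiple of pad_to."""
    out = []
    while size > 0:
        chunk = min(size, RECORD)
        out.append(math.ceil(chunk / pad_to) * pad_to)
        size -= chunk
    return out


def evaluate(pad_to):
    """Return (bandwidth overhead, pages still unique by total bytes on the wire)."""
    raw = sum(sum(sizes) for sizes in PAGES.values())
    totals = {name: sum(r for s in sizes for r in records(s, pad_to))
              for name, sizes in PAGES.items()}
    seen = list(totals.values())
    unique = sorted(n for n, t in totals.items() if seen.count(t) == 1)
    return (sum(seen) - raw) / raw, unique


def flat_total_overhead():
    """Overhead when every page is padded to the largest page's total size."""
    raw = [sum(sizes) for sizes in PAGES.values()]
    return (max(raw) * len(raw) - sum(raw)) / sum(raw)


if __name__ == "__main__":
    for pad_to in (1, 512, 4096, RECORD):
        overhead, unique = evaluate(pad_to)
        print(f"pad_to={pad_to:5d} overhead={overhead:6.1%} still unique: {unique}")
    print(f"pad all pages to largest total: overhead={flat_total_overhead():.1%}")
```

On this constructed data, padding every record to the full 16384 bytes costs about 44% extra bandwidth and still leaves all four pages distinguishable, while making their totals identical costs about 150%.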

