[51989] in Cypherpunks
Re: FCC & Internet phones
daemon@ATHENA.MIT.EDU (Adam Shostack)
Mon Mar 11 22:40:12 1996
From: Adam Shostack <adam@homeport.org>
To: rittle@comm.mot.com
Date: Mon, 11 Mar 1996 22:20:59 -0500 (EST)
Cc: cypherpunks@toad.com
In-Reply-To: <9603120137.AA17060@supra.comm.mot.com> from "Loren James Rittle" at Mar 11, 96 07:37:38 pm
Loren James Rittle wrote:
| >Most
| >presumably use a mix of a UDP data connection and tcp for control
| >functions.
|
| OK, everything after the IP header is encrypted. I don't even know
| which protocol is in use.
Are you willing to play Mallet? Drop IP packets, and look for
duplicates. Those are TCP. (IPSEC might handle this, but I bet there
will be broken implementations that save time by resending.)
| >They all consist of high volume, long duration connections
| >(or data flows in the case of UDP.) Many probably use a standardized
| >destination port.
|
| OK, everything after the IP header is encrypted. I don't know
| which port is in use.
Which doesn't change the nature of the data, which is:
Alice sends long (3-60 second) heavy flows to Bob.
Alice's flow stops, Bobs picks up.
repeat.
| In short, assuming IPSEC, the data stream cannot be easily found.
| Slightly different assumptions led to a radically different outcome.
First, assume a can opener. :)
Actually, I'll bet you I can pick out your encrypted data for
the common case, which will continue to be a modem, which can't handle
heavy back traffic flows for the sake of hiding who is speaking.
Adam
--
"It is seldom that liberty of any kind is lost all at once."
-Hume
