[13966] in cryptography@c2.net mail archive
Re: traffic analysis
daemon@ATHENA.MIT.EDU (David Wagner)
Fri Aug 29 14:49:59 2003
X-Original-To: cryptography@metzdowd.com
X-Original-To: cryptography@metzdowd.com
To: cryptography@metzdowd.com
From: daw@mozart.cs.berkeley.edu (David Wagner)
Date: Thu, 28 Aug 2003 20:26:27 +0000 (UTC)
X-Complaints-To: usenet@abraham.cs.berkeley.edu
John S. Denker wrote:
>More specifically, anybody who thinks the scheme
>I described is vulnerable to a timing attack isn't
>paying attention. I addressed this point several
>times in my original note. All transmissions
>adhere to a schedule -- independent of the amount,
>timing, meaning, and other characteristics of the
>payload.
Are you sure you understood the attack? The attack assumes that
communications links are insecure. The *transmission* from Alice may
adhere to a fixed schedule, but that doesn't prevent the attacker from
introducing delays into the packets after transmission.
For instance, suppose I want to find out who is viewing my web site.
I have a hunch that Alice is visiting my web site right this instant,
and I want to test that hunch. I delay Alice's outgoing packets, and I
check whether the incoming traffic to my web contains matching delays.
If so, it's a good bet that Alice has a connection open to my site.
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@metzdowd.com
