On 2012-04-28 4:05 PM, ianG wrote:
the cryptographer's push for AE mode is simply the creation of a more perfect hammer, when our real worries are about the building, not the nail.
Well said. Cryptographers have a habit of building a fortress with three entirely impregnable walls and one picket fence with a permanently open gate in it.
Yes. Let's talk about traffic analysis - how are we going to mitigate traffic analysis? That's much more interesting.
Assume everything is encrypted. Then stuff that is not time urgent (documents and whatever replaces email), will usually go to some central server farm, and then out again on demand. If everyone sends in their edits and messages encrypted, so that only server sees the addressees, then traffic analysis tells you Ann and Carol are using server X, but not that Ann is using server X to communicate with Carol.
Interactive voice and video calls must necessarily go by the most direct possible path from one network address to another, thus traffic analysis will reveal that one network address is communicating with another network address. This seems unavoidable.
_______________________________________________ cryptography mailing list cryptography@randombit.net http://lists.randombit.net/mailman/listinfo/cryptography
