On 28 April 2012 02:31, James A. Donald <jam...@echeque.com> wrote: > On 2012-04-28 4:05 PM, ianG wrote: >> >> the cryptographer's push for AE mode is simply the creation of a more >> perfect hammer, when our real worries are about the building, not the >> nail. > > > Well said. Cryptographers have a habit of building a fortress with three > entirely impregnable walls and one picket fence with a permanently open gate > in it. > >> Yes. Let's talk about traffic analysis - how are we going to mitigate >> traffic analysis? That's much more interesting. > > > Assume everything is encrypted. Then stuff that is not time urgent > (documents and whatever replaces email), will usually go to some central > server farm, and then out again on demand. If everyone sends in their edits > and messages encrypted, so that only server sees the addressees, then > traffic analysis tells you Ann and Carol are using server X, but not that > Ann is using server X to communicate with Carol.
Ann sends a message to the server at 10:00 am every day Carol receives a message every day 10:05 am every day One day an attacker artificially holds up Ann's message by 45 minutes. That day carol receives a message 45 minutes later. An attacker could reasonably conclude that Ann is contacting Carol -- Eitan Adler _______________________________________________ cryptography mailing list cryptography@randombit.net http://lists.randombit.net/mailman/listinfo/cryptography