On 17 Jul 2017, at 16:23, Blumenthal, Uri - 0553 - MITLL wrote:
It may, or it may not – depending on the sophistication of your adversary. It is not given that you’d be able to “simply detect the presence of an additional crypto layer”, particularly if measures are taken to hide it.
Sure. I'm familiar with those counter-detection techniques, as I'm sure many (most?) of those involved in this discussion are. And of course there are counters to those counters . . . it's counters all the way down!
;>
The standard definition of “traffic analysis” is deducing information from the metadata and the patterns of communications. It explicitly does NOT rely on knowing the content of the traffic (which is assumed to be opaque).
That's what I was trying to get across - that uncovering an unexpected layer of encryption, even without the ability to decrypt it, is very useful in a security context.
Sorry for being unclear! ----------------------------------- Roland Dobbins <rdobb...@arbor.net> _______________________________________________ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls
