Re: Traffic Analysis

To: ietf-ssh%netbsd.org@localhost
Subject: Re: Traffic Analysis
From: Ben Harris <bjh21%bjh21.me.uk@localhost>
Date: Mon, 17 Jan 2005 12:05:13 +0000

In article <20050117080918.GB3559@folly> you write:
>On Mon, Jan 17, 2005 at 12:14:40AM +0000, Ben Harris wrote:
>> It might also be worth mentioning that the "random padding" field can be
>> used to obscure the length of packets.  I'd suggest, after "SSH_MSG_IGNORE
>> packet" adding ", and variable-length random padding,", though that wording
>> could doubtless be improved.
>
>please don't add this, random padding is wrong and
>does not really help, as it can be filtered out.

How so?  The padding, and its length, are encrypted, so I can't see how an
attacker is likely to be able to filter out the padding unless they've
already broken the cipher, in which case their knowing the length of the
packet is the least of our problems.

If there's something I've overlooked, then an explanation of it probably
needs to be added to the Security Considerations so that others don't
overlook it too.

-- 
Ben Harris

References:
- Traffic Analysis
  - From: Chris Lonvick
- Re: Traffic Analysis
  - From: Ben Harris
- Re: Traffic Analysis
  - From: Markus Friedl

Prev by Date: Re: Traffic Analysis
Next by Date: Re: Traffic Analysis
Previous by Thread: Re: Traffic Analysis
Next by Thread: Re: Traffic Analysis
Indexes:

Home | Main Index | Thread Index | Old Index