IETF-SSH archive


Re: Traffic Analysis



In article <20050117080918.GB3559@folly> you write:
>On Mon, Jan 17, 2005 at 12:14:40AM +0000, Ben Harris wrote:
>> It might also be worth mentioning that the "random padding" field can be
>> used to obscure the length of packets.  I'd suggest, after "SSH_MSG_IGNORE
>> packet" adding ", and variable-length random padding,", though that wording
>> could doubtless be improved.
>
>please don't add this, random padding is wrong and
>does not really help, as it can be filtered out.

How so?  The padding, and its length, are encrypted, so I can't see how an
attacker is likely to be able to filter out the padding unless they've
already broken the cipher, in which case their knowing the length of the
packet is the least of our problems.

If there's something I've overlooked, then an explanation of it probably
needs to be added to the Security Considerations so that others don't
overlook it too.

-- 
Ben Harris
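
Added illustration, not part of the original message or the thread: a sketch of the SSH binary packet framing (RFC 4253, section 6) that compares the wire sizes one payload produces with minimum padding and with variable-length random padding. Encryption and the MAC are omitted; the 16-byte block size and all function names are assumptions made for this example.

```python
import os
import secrets
import struct

BLOCK = 16      # assumed cipher block size; RFC 4253 requires at least 8
MIN_PAD = 4     # RFC 4253: at least four bytes of padding
MAX_PAD = 255   # padding_length is a single byte


def frame(payload: bytes, extra_blocks: int = 0) -> bytes:
    """Build an unencrypted SSH binary packet.

    extra_blocks adds whole cipher blocks of padding beyond the minimum.
    """
    # packet_length (4) + padding_length (1) + payload + padding
    # must be a multiple of the block size.
    pad = BLOCK - ((5 + len(payload)) % BLOCK)
    if pad < MIN_PAD:
        pad += BLOCK
    pad += extra_blocks * BLOCK
    if pad > MAX_PAD:
        raise ValueError("padding does not fit in one byte")
    packet_length = 1 + len(payload) + pad
    return struct.pack(">IB", packet_length, pad) + payload + os.urandom(pad)


def frame_random(payload: bytes) -> bytes:
    """Same packet, with a random number of extra padding blocks."""
    base = len(frame(payload)) - 5 - len(payload)   # minimum padding
    max_extra = (MAX_PAD - base) // BLOCK
    return frame(payload, secrets.randbelow(max_extra + 1))


def unframe(packet: bytes) -> bytes:
    """Receiver side, after decryption: strip padding, return payload."""
    packet_length, pad = struct.unpack(">IB", packet[:5])
    if packet_length != len(packet) - 4 or pad < MIN_PAD or pad > packet_length - 1:
        raise ValueError("malformed packet")
    return packet[5:4 + packet_length - pad]


def observed_lengths(payload: bytes, framer, n: int = 200) -> set:
    """Packet sizes visible on the wire for n sends of one payload."""
    return {len(framer(payload)) for _ in range(n)}
```

Calling `observed_lengths(b"x", frame)` and `observed_lengths(b"x", frame_random)` gives the two size distributions to compare; both fields that `unframe` reads sit inside the encrypted part of a real packet.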


