Re: Binary packet protocol rethink

To: Peter Gutmann <pgut001%cs.auckland.ac.nz@localhost>
Subject: Re: Binary packet protocol rethink
From: nisse%lysator.liu.se@localhost (Niels Möller)
Date: Mon, 30 Nov 2015 09:01:49 +0100

Peter Gutmann <pgut001%cs.auckland.ac.nz@localhost> writes:

>   You get traffic analysis resistance by, for example, breaking data into 
>   fixed-length packets, using cover traffic, and messing with packet 
>   timings, not by encrypting TLS headers.

One can do all of these with the current ssh wire protocol. It's even
straight-forward to do. But if we switch to clear text lengths (with no
other, deeper, changes to the protocol), it gets a lot more difficult.

So encrypted packet lengths aren't a solution, but they're a
*prerequisite* for the more serious counter measures.

Regards,
/Niels

-- 
Niels Möller. PGP-encrypted email is preferred. Keyid C0B98E26.
Internet email is subject to wholesale government surveillance.

Follow-Ups:
- RE: Binary packet protocol rethink
  - From: Peter Gutmann

References:
- ChaCha20-Poly1305 for SSH
  - From: Simon Josefsson
- Re: ChaCha20-Poly1305 for SSH
  - From: Niels Möller
- Binary packet protocol rethink (was: Re: ChaCha20-Poly1305 for SSH)
  - From: Simon Tatham
- RE: Binary packet protocol rethink (was: Re: ChaCha20-Poly1305 for SSH)
  - From: Peter Gutmann
- RE: Binary packet protocol rethink (was: Re: ChaCha20-Poly1305 for SSH)
  - From: Damien Miller
- RE: Binary packet protocol rethink (was: Re: ChaCha20-Poly1305 for SSH)
  - From: Peter Gutmann

Prev by Date: RE: Binary packet protocol rethink (was: Re: ChaCha20-Poly1305 for SSH)
Next by Date: RE: Binary packet protocol rethink
Previous by Thread: RE: Binary packet protocol rethink (was: Re: ChaCha20-Poly1305 for SSH)
Next by Thread: RE: Binary packet protocol rethink
Indexes:

Home | Main Index | Thread Index | Old Index