Re: AEAD in ssh

To: Peter Gutmann <pgut001%cs.auckland.ac.nz@localhost>
Subject: Re: AEAD in ssh
From: "Mark D. Baushke" <mdb%juniper.net@localhost>
Date: Tue, 2 Feb 2016 22:39:50 -0800

Hi Peter,

Peter wrote:
> See "Peek-a-Book, I Still See You: Why Efficient Traffic Analysis
> Countermeasures Fail" by Dyer, Coult, Ristenpart and Shrimpton. The
> conclusion from the research: It's completely pointless, none of their
> attacks even bother looking at the length field, so encrypting it is
> entirely irrelevant.

Many thanks for the pointer to the document. At only fifteen pages, it
packs in a lot of useful information on Traffic Analysis (TA)
countermeasures for web sites into a single paper.

> Or, more importantly, it offers negative utility in that it makes
> processing much harder and has led to exploitable vulnerabilities in
> the past.

I do understand that processing is much harder and that exploitable
vunlerabilities are an issue.

I am not sure that the TA for web page traffic directly maps to the SSH
TA threats. That said, the paper does raise questions about how to
effeciently use such counermeasures and requires a bit more thinking
on my part.

	Thanks!
	-- Mark

Follow-Ups:
- RE: AEAD in ssh
  - From: Peter Gutmann

References:
- Re: AEAD in ssh
  - From: denis bider
- RE: AEAD in ssh
  - From: Peter Gutmann

Prev by Date: RE: AEAD in ssh
Next by Date: RE: AEAD in ssh
Previous by Thread: RE: AEAD in ssh
Next by Thread: RE: AEAD in ssh
Indexes:

Home | Main Index | Thread Index | Old Index