IETF-SSH archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

Re: AEAD in ssh



Hi Peter,

Peter wrote:
> See "Peek-a-Book, I Still See You: Why Efficient Traffic Analysis
> Countermeasures Fail" by Dyer, Coult, Ristenpart and Shrimpton. The
> conclusion from the research: It's completely pointless, none of their
> attacks even bother looking at the length field, so encrypting it is
> entirely irrelevant.

Many thanks for the pointer to the document. At only fifteen pages, it
packs in a lot of useful information on Traffic Analysis (TA)
countermeasures for web sites into a single paper.

> Or, more importantly, it offers negative utility in that it makes
> processing much harder and has led to exploitable vulnerabilities in
> the past.

I do understand that processing is much harder and that exploitable
vunlerabilities are an issue.

I am not sure that the TA for web page traffic directly maps to the SSH
TA threats. That said, the paper does raise questions about how to
effeciently use such counermeasures and requires a bit more thinking
on my part.

	Thanks!
	-- Mark



Home | Main Index | Thread Index | Old Index