IETF-SSH archive


RE: AEAD in ssh



Damien Miller <djm%mindrot.org@localhost> writes:

>Peek-a-Boo makes clear that encrypted lengths aren't *sufficient*, but I 
>don't think it's so clear that they aren't necessary or useful.

I assume you're referring to this subheading:

  Hiding packet lengths is not sufficient.

This is followed by:

  We initiate a study of classifiers that do not directly use fine-grained 
  features such as individual packet lengths. The VNG++ classifier just 
  mentioned uses only “coarse” information, including overall time, total 
  bandwidth, and size of bursts. In fact, we provide a naive Bayes 
  classifier that uses only the total bandwidth for training and testing, 
  yet still achieves greater than 98% accuracy at k = 2 and 41% accuracy at 
  k = 128. 

So neither of the two classifiers they discuss uses plaintext packet length 
information even though it's readily available.  They never really discuss 
whether it's useful or not since they're totally ignoring it, because their
analysis doesn't need it in order to work.

Peter.

