John S. Denker wrote: >More specifically, anybody who thinks the scheme >I described is vulnerable to a timing attack isn't >paying attention. I addressed this point several >times in my original note. All transmissions >adhere to a schedule -- independent of the amount, >timing, meaning, and other characteristics of the >payload.
Are you sure you understood the attack? The attack assumes that communications links are insecure. The *transmission* from Alice may adhere to a fixed schedule, but that doesn't prevent the attacker from introducing delays into the packets after transmission. For instance, suppose I want to find out who is viewing my web site. I have a hunch that Alice is visiting my web site right this instant, and I want to test that hunch. I delay Alice's outgoing packets, and I check whether the incoming traffic to my web contains matching delays. If so, it's a good bet that Alice has a connection open to my site. --------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]
