On Thu, Aug 28, 2003 at 08:06:07AM -0400, John S. Denker wrote:
[...]
> The solution I outlined is modelled after
> procedures that governments have used for decades
> to defend against traffic analysis threats to
> their embassies and overseas military bases.
> 
> More specifically, anybody who thinks the scheme
> I described is vulnerable to a timing attack isn't
> paying attention.  I addressed this point several
> times in my original note.  All transmissions
> adhere to a schedule -- independent of the amount,
> timing, meaning, and other characteristics of the
> payload.

Different models.  You state in your previous note that it is important
that all the endpoints be trusted.  Traffic between military bases,
embassies etc all involve trusted endpoints.  A public website is
intrinsically not a trusted endpoint. 

Moreover, addition of "cover browsing" by the hub to random websites
doesn't add any significant protection if the goal is to provide
real-time access. 

-- 
Kent Crispin                               "Be good, and you will be
[EMAIL PROTECTED],[EMAIL PROTECTED]         lonesome."
p: +1 310 823 9358  f: +1 310 823 8649               -- Mark Twain


---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]

Reply via email to