On Thu, Aug 28, 2003 at 08:06:07AM -0400, John S. Denker wrote: [...] > The solution I outlined is modelled after > procedures that governments have used for decades > to defend against traffic analysis threats to > their embassies and overseas military bases. > > More specifically, anybody who thinks the scheme > I described is vulnerable to a timing attack isn't > paying attention. I addressed this point several > times in my original note. All transmissions > adhere to a schedule -- independent of the amount, > timing, meaning, and other characteristics of the > payload.
Different models. You state in your previous note that it is important that all the endpoints be trusted. Traffic between military bases, embassies etc all involve trusted endpoints. A public website is intrinsically not a trusted endpoint. Moreover, addition of "cover browsing" by the hub to random websites doesn't add any significant protection if the goal is to provide real-time access. -- Kent Crispin "Be good, and you will be [EMAIL PROTECTED],[EMAIL PROTECTED] lonesome." p: +1 310 823 9358 f: +1 310 823 8649 -- Mark Twain --------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]
