David Wagner wrote:

> One could reasonably ask how often it is in practice that we have a
> physical channel whose authenticity we trust, but where eavesdropping
> is a threat.  I don't know.

The only answer that I have come across - to which I
ascribe no view on accuracy - is "undersea fibre" [1].

According to the story, it is possible tap into an
undersea fibre without cutting into it, or the shield.
Something about a device that bends the fibre, and
listens to the energy that escapes...  It's accurate
enough to isolate individual fibres in a bundle.  Of
course.

Which makes the attack simply a matter of getting there,
and for this purpose there are special assets available.
(I.e., submarines.  google USS Jimmy Carter.)

So, the analysis shifts to your threat model described
above.  How do you know when the enemy - a state that
has these subs and these beam benders - is listening
on our fibre?

Personally, it all sounds like too much like a bad
science fiction novel, where normal crypto practices
are forgotten for plot reasons.  But, that may still
be indistinguishable from the actions of your average
empire, from where we sit.  It remains an interesting
thought experiment, as long as we don't forget to
challenge the "because we said so" assumptions...

iang

PS: I think there is one place where "QC" might
make more sense:  SOSUS.  With that network,
you don't so much care that the enemy is listening
in on your fibre (e.g., RTP commsec says that you
don't encrypt the enemy's location because he
already knows it.  Although there is more to it
than that.)

What you want is to find out where the enemy is
listening in, and when.  Then, it just becomes
another data point in the tracking game.

Still, it seems too elusive an advantage to worry
about, in a practical sense.  Once the enemy
figures it out, he'll stop doing it.  Or do it
to insert bad data.

[1] http://zdnet.com.com/2100-11-529826.html?legacy=zdnn
http://www.spectrum.ieee.org/WEBONLY/publicfeature/apr03/code.html

---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]

Reply via email to