On Mon, 23 Oct 2006 11:43:17 +0200, George Danezis
<[EMAIL PROTECTED]> wrote:

> Hi Leandro,
> 
> I am compiling a review paper on traffic analysis as well as a talk.
> They can be found here:
> 
> http://homes.esat.kuleuven.be/~gdanezis/TAIntro.pdf
> http://homes.esat.kuleuven.be/~gdanezis/talks/TAIntro-prez.pdf
> 
> These will soon be expanded (by January) since they are going to be
> presented as a talk to the CCC (Berlin) as well as a book chapter.
> 
> If anyone with material on the subject can give me more pointers I would
> be most grateful.
> 
Very nice summary.  I'd add a few things.

First, on a topical note, Hewlett-Packard obtained call records of various
people, including members of its own board and reporters for major
publications.  In other words, there's a private sector threat.  Second,
in many cases the beauty of traffic analysis is that it can be done after
the fact.  Phone companies don't keep recordings of all conversations;
they do keep billing data.

In a legal vein, in some jurisdictions (i.e., the U.S.) traffic analysis
warrants are *much* easier to obtain than wiretaps.  Philosophically, the
distinction is because traffic analysis data (and in particular telephone
calling records) is information that was voluntarily given to a third
party, the phone company.  There is thus no expectation of privacy.
Again, this is U.S. law; your jurisdiction's law may vary.

Finally, you should cite the Zendian problem, since it's a classic
published training exercise.

                --Steven M. Bellovin, http://www.cs.columbia.edu/~smb

---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]

Reply via email to