Hi Valery,
Yes, these are lossy algorithms, but the TLS/HTTP attacks are all with
lossless algorithms. And as far as I know, they are applicable to any
situation where here is an attacker that can force traffic on the wire,
mixed with other, non-attacker controlled traffic. So IMO they are not
restricted to just HTTP.
Thanks,
Yaron
On 02/09/16 16:32, Valery Smyslov wrote:
Yaron,
I don't think these attacks are relevant to ESP compression.
As far as I understand, they rely on statistical analysis of the frame
lengthes when phonems are encoded with a lossy compression algorithm. I
don't see how it affects losless compression used in ESP.
Regards,
Valery.
Valery, here's what I could find:
* https://www.cs.jhu.edu/~cwright/oakland08.pdf
* http://www.techeye.net/security/skypes-encryption-destroyed-by-phonemes
And another attack was published recently, but I cannot find it.
So this is for voice, and the better known TLS attack are for HTTP.
_______________________________________________
IPsec mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/ipsec
