On Nov 5, 2013, at 4:09 PM, Theodore Ts'o <[email protected]> wrote:

> On Tue, Nov 05, 2013 at 10:01:58AM -0500, Phillip Hallam-Baker wrote:
>> The payoff for this effort is a major increase in work factor and in
>> particular, forcing an adversary attempting a traffic analysis attack to
>> intercept and decrypt multiple fire hoses. 40Gb/sec is quite a lot of data
>> to store. It is over an exabyte per link per year. Or about a quarter
>> million 4Tb hard drives. Or $200 million at $500 per drive (including
>> racking etc.)
>
> That's assuming the attacker is going to attack link-level security
> --- which to me sounds like the French assuming the Germans would make
> a full frontal assault on the Maginot Line.
>

Every national security unit with submarine capability implements undersea fiber taps. Literally, they send out a sub, tap a fiber, mirror its data onto another “dark” fiber in the bundle (or a fiber leased to a puppet), and start scraping data — mostly “metadata” from the pipe. Scrambling every fiber is going to seriously mess with that sort of intercept. This is believed to be the attack model executed on Google, tapping fibers between their data centers.

> It would seem that a much more intelligent thing for the adversary to
> do is to force/induce/send a national security letter/FISA warrant so
> as to put the tap between the decryption gear and the default-free
> zone router.

Sure. But at least somebody knows who is scraping the data that way. This requires “legal” mechanisms be deployed. Much of the current concern is about illegal (or “secret quasi-legal with no review and no recourse”) intercepts.

— Dean

_______________________________________________
perpass mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/perpass
