On Fri, 11 Jan 2002, Kurt Seifried wrote:
Basically it's a lesson that yes traffic analysis works, and it can be combatted intelligently. Things like putting in a timing loop to openssh and delaying packets till the next 10 or 50 ms interval for example so packet timing gets delayed a bit and isn't as informative. As for guessing
That question (as most in software design) is full of tradeoffs. People using ssh interactively want uniform short delays. That behaviour enables timing attacks. A steady flow of encrypted traffic regardless of interactive use would be optimal from a security standpoint but a waste of bandwidth. Robert -- Robert Casties --------------------- http://philoscience.unibe.ch/~casties History & Philosophy of Science Tel: +41/31/631-8505 Room: 216 Institute for Exact Sciences Sidlerstrasse 5, CH-3012 Bern Uni Bern (PGP key on homepage: 3C7E CAA6 0A2A 6955 AA25)