Traffic analysis

It's a non-subtle, non-trivial problem. In some cases, signficant information can be obtained by apparently casual observation. Note the data-level exploit possible from monitoring modem indicator LEDs published recently.

There's also been discussion, much in light of 11 Sept., about information which can be gathered just knowing patterns of contact and phone calls among terrorists (or suspected terrorists). In PKI circles, it's well known that establishing patterns of who's signed whose keys provides verifiable, hard, nonrefutable evidence of associations and meetings among people. Most keysigning protocols make clear that if you don't want your association made public, you'd best not let your signed key into the wild.

Similarly, deaddrop communications are much better than point-to-point messages. While PKI allows for use of well-known public keys, there's also another pattern of communications possible using otherwise secret keys, though this varies strongly from the typical PKI usage pattern. For all anyone knows, I could be encoding messages steganographically into arbitrary variances in the posts I make at zIWETHEY. My own grammar and language patterns are sufficient that subtle changes in word choice or radnom mispellings might be highly significant.

See generally Applied Cryptography for much discussion of this topic.

Post #32,098 by kmself 3/13/02 9:02:40 PM Reply	Traffic analysis It's a non-subtle, non-trivial problem. In some cases, signficant information can be obtained by apparently casual observation. Note the data-level exploit possible from monitoring modem indicator LEDs published recently. There's also been discussion, much in light of 11 Sept., about information which can be gathered just knowing patterns of contact and phone calls among terrorists (or suspected terrorists). In PKI circles, it's well known that establishing patterns of who's signed whose keys provides verifiable, hard, nonrefutable evidence of associations and meetings among people. Most keysigning protocols make clear that if you don't want your association made public, you'd best not let your signed key into the wild. Similarly, deaddrop communications are much better than point-to-point messages. While PKI allows for use of well-known public keys, there's also another pattern of communications possible using otherwise secret keys, though this varies strongly from the typical PKI usage pattern. For all anyone knows, I could be encoding messages steganographically into arbitrary variances in the posts I make at zIWETHEY. My own grammar and language patterns are sufficient that subtle changes in word choice or radnom mispellings might be highly significant. See generally Applied Cryptography for much discussion of this topic. `-- Karsten M. Self [link\|mailto:kmself@ix.netcom.com\|kmself@ix.netcom.com] [link\|http://kmself.ix.netcom.com/\|[link\|http://kmself.ix.netcom.com/\|http://kmself.ix.netcom.com/]] What part of "gestalt" don't you understand?`
Post #32,109 by ben_tilly 3/13/02 11:29:21 PM Reply	anyone knows? OTOH some of us might know that it would take more self-restraint and forethought to do so than you are psersonally capable of... :-P Cheers, Ben "... I couldn't see how anyone could be educated by this self-propagating system in which people pass exams, teach others to pass exams, but nobody knows anything." --Richard Feynman
Post #32,233 by a6l6e6x 3/14/02 4:51:25 PM Reply	Low order bits of pixels in Karsten picture work as well. Alex "Never express yourself more clearly than you think." -- Neils Bohr (1885-1962)

Welcome to IWETHEY!