[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: LEAF, SS7
[email protected] writes:
> But the LEAF itself is encrypted, including the session key, so
> enemies can't do traffic analysis based on the LEAF.
"Enemies"? Isn't that a subjective term? :-)
> The structure of the LEAF is also a dead giveaway that Clipper is
> being used -- it's easy to envision a box that has the family key,
> and tries every LEAF-sized field to see if it decrypts to something
> that looks right, and in particular has the right checksum.
I'm going to make the almost certainly valid assumption that you know
more about the way the network works than I do, but my assumption is
this: in the wacky scenario I described wherein Clipper devices are
installed in the network interfaces "everywhere", then the presence of
these identifiable (and identifying!) packets means that a central tap
at a regional switching center could concievably perform traffic
analysis without the need for taps on local loops anywhere. Is this
assumption way wrong?
--
| GOOD TIME FOR MOVIE - GOING ||| Mike McNally <[email protected]> |
| TAKE TWA TO CAIRO. ||| Tivoli Systems, Austin, TX: |
| (actual fortune cookie) ||| "Like A Little Bit of Semi-Heaven" |