
Re: [Users] Securing specific ports with freeswan

From: Henry Spencer (henry_at_spsystems.net)
Date: Tue Mar 26 2002 - 07:35:00 CET


On Mon, 25 Mar 2002, Johannes Kaefer wrote:
> The port 80 was just an example. But consider an application which is using
> a specific port (e.g. 1128) for data transfer (and this is important data)
> with a remote host. Doesn't matter if this port makes sense, it's just an
> example. Now you use various other applications which use different ports but the
> same (remote) IP address for e.g. data transfer (or synchronisation or whatever
> you like). But this data is not that important, so you don't need to encrypt
> it anyway. As a matter of fact it would be a waste of resources to
> encrypt/decrypt unimportant data.

On the contrary: if you can spare the resources, it improves security to
encrypt the "unimportant" data too. Hiding the important stuff in with a
lot of unimportant stuff makes it much more difficult for an attacker to
guess packet types, packet headers, etc. for cryptanalysis and traffic
analysis. It guards against the chance that some of the "unimportant"
traffic will accidentally reveal things about the "important" traffic.
And it hides whether you're actually doing anything "important" at all,
meaning that an attacker can't tell whether you're worth attacking or not.

It's better to just encrypt everything than to try to guess which things
need it and which don't. You might guess wrong.

                                                          Henry Spencer
                                                       henry_at_spsystems.net

_______________________________________________
Users mailing list
Users_at_lists.freeswan.org
http://lists.freeswan.org/mailman/listinfo/users


