As part of the CryptoForma meeting we were lucky to be at Kent at the same time as a visit for a departmental seminar by David Nicol of Univ Illinois. David's talk was about how information is leaked by connection information, even if the underlying data is encrypted. For example by correlating size or timing information of the encrypted packets.
Think of the problem of accessing say a banking web site. Even if the traffic is encrypted, a viewer may be able to determine you are performing a withdrawal simply due to the response time, or the size of the encrypted data being transferred. Thus the semantic security of the system is broken, since timing and message sizes reveal semantic information. Recall in standard definitions of semantic security, we only obtain security for equal length messages. Thus the security definition for semantic security does not meet the actual situation we see in the real world.
The main technique proposed was to insert cover traffic which looked like genuine encrypted traffic. The talk then discussed various experiments and analysis on the data. Looking not only at whether information could still be recovered, but also in terms of whether the process could be performed efficiently.
No comments:
Post a Comment