[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Routing Header info of IPng against traffic analysis?

To: Reto Haeni <reto@seas.gwu.edu>
Subject: Re: Routing Header info of IPng against traffic analysis?
From: "Perry E. Metzger" <perry@piermont.com>
Date: Mon, 22 Apr 1996 14:19:08 -0400
Cc: ipsec@TIS.COM
In-Reply-To: Your message of "Mon, 22 Apr 1996 13:35:47 EDT." <199604221734.NAA00230@felix.seas.gwu.edu>
Reply-To: perry@piermont.com
Sender: ipsec-approval@neptune.tis.com


Reto Haeni writes:
> As I was working through the IPng specifications, I realized that
> no options are implemented to prevent traffic analysis in IPsec.
> 
> Could the Routing Header information been set up that the list of 
> intermediate nodes changes when the system setting provide a
> list of alternative routing paths? An error condition could arise
> similar to the definition in the fragmentation header, if not all
> packets are received to complete reassembly of the message within 60 
> seconds (a long time but I think this would be a reasonable waiting
> time if you are concerned about traffic analysis).

Changing routing paths isn't sufficient to prevent traffic analysis.

Stopping traffic analysis is fairly complicated and beyond the scope
of the IPSec work...

.pm

Follow-Ups:

Re: Routing Header info of IPng against traffic analysis?

From: Ran Atkinson <rja@cisco.com>

References:

Routing Header info of IPng against traffic analysis?

From: Reto Haeni <reto@seas.gwu.edu>

Prev by Date: Routing Header info of IPng against traffic analysis?
Next by Date: Re: IETF Draft for ESP with stream ciphers
Prev by thread: Routing Header info of IPng against traffic analysis?
Next by thread: Re: Routing Header info of IPng against traffic analysis?
Index(es):
- Main
- Thread