January 19, 2021

Zen and the Art of Breaking Security - Part II

  • By Razvan Peteanu
suddenly start to exchange images or, for that matter, even PGP emails (easily identifiable by searching for the -----BEGIN PGP MESSAGE----- header), this may be flagged as "interesting, requires further investigation."

We do not have to limit ourselves to email. Traffic analysis has been used in military intelligence for a long time. By observing the paths of supply trucks or triangulating radio transmitters, the relocation of military bases can be inferred. Cellular companies use it to detect fraud by flagging unusual call patterns. Banks analyze electronic payments to detect buying patterns. Intrusion detection systems do it to signal unusual packets.

Of course, there will be a lot of false positives. By itself, traffic analysis cannot tell us more, but that's not its job. Traffic analysis is a statistical tool and thus requires large amounts of data. It also requires the computing and logistical means to gather it, including access to points where traffic is concentrated.
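The kind of flagging described above, as an added example that is not part of the original article: a sender is marked only when the share of PGP-armored mail departs from that sender's own history, so a habitual PGP user is not a hit. The sender names, thresholds and messages are constructed assumptions.

```python
from collections import defaultdict

PGP_ARMOR = "-----BEGIN PGP MESSAGE-----"

def _msgs(week, sender, n_plain, n_pgp):
    """Build constructed (week, sender, body) records; not real traffic."""
    plain = (week, sender, "see you at lunch")
    armored = (week, sender, PGP_ARMOR + "\n(constructed body)")
    return [plain] * n_plain + [armored] * n_pgp

# Constructed sample. alice starts using PGP in week 4, bob always has,
# carol first appears in week 4, dave never encrypts.
SAMPLE = (
    _msgs(1, "alice", 2, 0) + _msgs(2, "alice", 2, 0)
    + _msgs(3, "alice", 2, 0) + _msgs(4, "alice", 1, 2)
    + _msgs(1, "bob", 1, 2) + _msgs(2, "bob", 0, 3) + _msgs(4, "bob", 0, 2)
    + _msgs(4, "carol", 0, 1)
    + _msgs(2, "dave", 5, 0) + _msgs(4, "dave", 3, 0)
)

def encrypted_share(messages):
    """Return {sender: {week: [armored_count, total_count]}}."""
    counts = defaultdict(lambda: defaultdict(lambda: [0, 0]))
    for week, sender, body in messages:
        cell = counts[sender][week]
        cell[0] += PGP_ARMOR in body
        cell[1] += 1
    return counts

def flag_changes(messages, current_week, min_history=5, jump=0.5):
    """Return (flagged, unknown): senders whose armored share this week
    exceeds their past share by at least `jump`, and senders with fewer
    than `min_history` past messages to compare against."""
    flagged, unknown = [], []
    for sender, weeks in sorted(encrypted_share(messages).items()):
        if current_week not in weeks:
            continue
        enc_now, tot_now = weeks[current_week]
        past = [v for w, v in weeks.items() if w < current_week]
        enc_past = sum(e for e, _ in past)
        tot_past = sum(t for _, t in past)
        if tot_past < min_history:
            unknown.append(sender)  # no baseline: neither flag nor clear
        elif enc_now / tot_now - enc_past / tot_past >= jump:
            flagged.append(sender)
    return flagged, unknown

if __name__ == "__main__":
    print(flag_changes(SAMPLE, current_week=4))
```

With only a handful of messages per sender the result is a lead for further investigation, not a finding, which is why senders without a baseline are reported separately.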

But once a single entity in a big set is singled out, it is no longer an undifferentiated contributor to the overall traffic. It acquires an identity in the eye of the attacker, and from here other techniques can be used. Traffic analysis can still be part of them: by analyzing where my cell phone is or what phone calls I place, information about the places I go and the people I know is obtained.

The balance of power has also changed: it is no longer the monitoring system against the indiscriminate traffic flow, but the system vs. an entity. The more information is available, the wider the scope of traffic analysis becomes, and at some point the term "surveillance" would be better suited. But this is where the scope of the article ends. Perhaps with the ding of a bell.




This article was originally published on April 16, 2001
