Impacts of Encryption Everywhere (any solution?)

William Herrin bill at herrin.us
Sun Jun 17 20:03:24 UTC 2018


On Sat, Jun 16, 2018 at 4:13 PM, Mike Hammett <nanog at ics-il.net> wrote:
> Sadly, it's just falling on deaf ears. Silicon Valley will continue to think they know better than everyone else and people outside of that bubble will continue to be disadvantaged.

Hi Mike,

When the U.S. Government wants to encrypt classified information for
transmission over an unclassified channel (such as the Internet) one
of the interesting things the encryptor does is send data at a
constant rate. If there isn't enough data to fill the channel, the
encryptor pads its transmission with random bytes. If there's more
data than the constant rate, it's queued and sent at a constant rate,
even if the channel could handle more. Even over the internet where
variable rate transmissions are the norm. This increases the _depth of
defense_ against an adversary. Not only does the adversary have to
figure out what you're saying, he has to figure out when and whether
you're speaking at all.

Depth of Defense. Remember that phrase; you'll hear it over and over
again when security experts speak.

Encrypting everything (not just information you consider private) also
increases the depth of your defense against an adversary attempting to
capture your secrets. An adversary must not only break or subvert your
encryption, he must also figure out which if any of your
communications are sensitive and which are banal.

Depth of Defense. One of the linchpin concepts in effective security.

Regards,
Bill Herrin


-- 
William Herrin ................ herrin at dirtside.com  bill at herrin.us
Dirtside Systems ......... Web: <http://www.dirtside.com/>


More information about the NANOG mailing list