Re: IP: Secnet11 an 802.11b clone with Type 1 crypto

[David Farber <dfarber () earthlink net>]

-----Original Message-----
From: "David P. Reed" <dpreed () reed com>
Date: Tue, 18 Jun 2002 09:17:55 
To: farber () cis upenn edu, ip <ip-sub-1 () majordomo pobox com>
Subject: Re: IP: Secnet11 an 802.11b clone with Type 1 crypto

At 04:23 AM 6/18/2002 -0400, Dave Farber wrote:
> o the message address is encrypted to prevent traffic analysis (this
> is a big selling point vs VPN technology, tho I suspect an adversary
> could learn quite a bit about a wireless net using a sniffer and one
> or more directional antennae to count how many packets come from each
> direction)

Merely encrypting the link (no matter how strong the encryption and key 
distribution might be) is insufficient.  So the idea that this is "vs VPN 
technology" is a flawed concept.   You still need to encrypt the data on an 
end-to-end basis.  The link encryption is primarily useful against traffic 
analysis and preventing interlopers from hogging capacity by requesting 
transmit slots, whether they use them or not.

I hope the NSA is not recommending these *instead* of end-to-end security - 
if so the engineers involved should be fired.


For archives see:
http://www.interesting-people.org/archives/interesting-people/