smb@research.att.com writes:

But the LEAF itself is encrypted, including the session key, so enemies can't do traffic analysis based on the LEAF.

"Enemies"? Isn't that a subjective term? :-)

The structure of the LEAF is also a dead giveaway that Clipper is being used -- it's easy to envision a box that has the family key, and tries every LEAF-sized field to see if it decrypts to something that looks right, and in particular has the right checksum.

I'm going to make the almost certainly valid assumption that you know more about the way the network works than I do, but my assumption is this: in the wacky scenario I described wherein Clipper devices are installed in the network interfaces "everywhere", then the presence of these identifiable (and identifying!) packets means that a central tap at a regional switching center could concievably perform traffic analysis without the need for taps on local loops anywhere. Is this assumption way wrong? -- | GOOD TIME FOR MOVIE - GOING ||| Mike McNally <m5@tivoli.com> | | TAKE TWA TO CAIRO. ||| Tivoli Systems, Austin, TX: | | (actual fortune cookie) ||| "Like A Little Bit of Semi-Heaven" |