For example, if you assume that the attacker has network taps at Fort Meade and in a phone closets of companies like AT&T, they are very likely not going to be able to watch your LAN traffic. OTOH, if they have physical access to your LAN such that they can drop an agent close to your computer that can monitor all of the packets hitting your computer, we have to ask how are they doing this? If they can someone break into your local ethernet switch remotely, then you might be in a world of hurt (although usually switches generally don't have enough of general purpose CPU that this is likely).
What else is on your LAN besides a network switch? Do you have a printer with an Ethernet jack? Or a DSL modem? Or a cable modem? Or a low-end commercial NAS box? All of these typically run an embedded system using some old version of Linux, and never get their firmware updated to close zero-day security holes. If one of them can be taken over, and can convince your network switch to send them all the packets (perhaps by ARP flooding or ARP spoofing), then that embedded system can wiretap any LAN transaction it likes. Many DSL modems contain a small switch, which if it's the only switch in a small home or office network, would make all packets among local nodes accessible to malware running in that DSL modem. Many cheap Ethernet switches are 'intelligent' meaning that they have an embedded processor that offers a Web configuration interface. Such devices are fertile malware targets. Automated global-scale attacks against such embedded systems are certainly feasible. Could the injected code be sufficiently subtle to detect and store or report entropy events like packet timing, without becoming sufficiently obvious that the malware's presence is detected on the network? John PS: On the "big iron" rather than "small network" end of things, don't forget virtual machines, in which a compromised VM hypervisor has full access to all the packets (and to many other aspects of the machines running under it). _______________________________________________ The cryptography mailing list cryptography@metzdowd.com http://www.metzdowd.com/mailman/listinfo/cryptography