我在英國日不落

Chapter 7

1. Placement of Encryption Function
        Two major approaches(Figure. 7.2) (p. 205)
        a). Link encryption
                Each vulnerable communication link is equipped on both ends with
                encryption device
                在兩個node兼做加解密動作。
               
                Disadvantage:
                I).  Message must be decrypted each time it enters a packet switch
                     to read the address
                     每次switch時都必須解密message以獲得address of destination。
                II). All potential links must use link encryption
                     所有的連結都必須加密。
                III).Each pair of nodes that share a link should share a unique key
                     每一對pair of nodes都需要一組唯一的key。

        b). End-to-end encryption
                Encryption at the two end systems only.
                只有在來源與目的端才做加解密的動作。

                Advantages:
                        Relieves the concern about the degree of security of networks
                        and links
                        減輕netwrok傳輸時的危險集overhead。

                Disadvantages:
                        May encrypt only the user data portion of the packet and leave
                        the header in the clear.
                        Traffic pattern is not secure
                        只能隱藏資料內文卻無法隱藏來源及目的地位址。

2. Traffic confidentiallity
        Traffic analysis attack: (p. 210)
        a). Identities of partners
        b). How frequently the partners are communicating
        c). Message pattern, message length, or quantity of messages that
             suggest important information is being exchanged
        d). The events that correlate with special conversations between particular
             partners

        Covert channel
        a). A means of communication unintended by the designers of the
            communication facility
            e.g., binary 0: length(message) < some number; otherwise, binary 1

3. Key distribution
        Frequent key changes are desirable to limit the amount of data compromised
        if an attacker learns the key
        時常更換key以減少被攻擊成功的機會。
       
        Key distribution technique
                The means of delivering a key to two parties without allowing others to
                see the key

                Key distribution from A to B:
                a). A key is selected by A and physically delivered to B
                     A直接運送key給B。

                b). A third party selects the key and physically deliver it to A and B
                     第三方直接運送key給A、B。

                c). If A and B have previously and recently used a key, one party
                    can transmit the new key to the other, encrypted by using the old key
                    A用old key加密new key並且傳送給B。

                d). If A and B each has an encrypted connection to a third party C,
                    C can deliver a key on the encrypted links to A and B
                    第三方分別對A、B產生不同的key，加密new key後分別傳送給兩方。

                1 and 2 are awkward for end-to-end encryption.