Information leakage

Information leakage

Information leakage happens whenever a system that is designed to be closed to an eavesdropper reveals some information to unauthorized parties nonetheless. For example, when designing an encrypted instant messaging network, a network engineer without the capacity to crack your encryption codes could see when you are transmitting messages, even if he could not read them. During the Second World War, the Japanese for a while were using secret codes such as PURPLE; even before such codes were cracked, some basic information could be extracted about the content of the messages by looking at which relay stations sent a message onwards.

Designers of secure systems often forget to take information leakage into account. One classic example of this is when the French government designed a mechanism to aid encrypted communications over an analog line, such as at a phone booth. It was a device that clamped onto both ends of the phone, performed the encrypting operations, and sent the signals over the phone line. Unfortunately for the French, the rubber seal that attached the device to the phone was not airtight. It was later discovered that although the encryption itself was solid, if you listened carefully, you could hear the speaker, since the phone was picking up some of the speech! Information leakage can subtly or completely destroy the security of an otherwise bulletproof system.

Generally, only very advanced systems employ defenses against information leakage - there are three main ways to do it:

* Use steganography to hide the fact that you're transmitting a message at all.
* Use chaffing to make it unclear to whom you are transmitting messages (but this does not hide from others the fact that you are transmitting messages).
* For busy retransmitting proxies, such as a Mixmaster node: randomly delay and shuffle the order of outbound packets - this will assist in disguising a given message's path, especially if there are multiple, popular forwarding nodes, such as are employed with mixmaster mail forwarding.


Wikimedia Foundation. 2010.

Игры ⚽ Поможем сделать НИР

Look at other dictionaries:

  • Information Disclosure — (dt. Informationspreisgabe), auch Information Leakage (dt. Informationsleck) genannt, bezeichnet das ungewollte Enthüllen von sicherheitskritischen Informationen. Meist sind dies systeminterne Informationen wie Fehlermeldungen mit detaillierter… …   Deutsch Wikipedia

  • Leakage — Release of information to some persons before official public announcement. The New York Times Financial Glossary * * * leakage UK US /ˈliːkɪdʒ/ noun [C or U] ► a situation in which a liquid or gas escapes from an opening in a pipe or container,… …   Financial and business terms

  • leakage — Release of information selectively or not before official public announcement. Bloomberg Financial Dictionary * * * leakage UK US /ˈliːkɪdʒ/ noun [C or U] ► a situation in which a liquid or gas escapes from an opening in a pipe or container, or… …   Financial and business terms

  • Leakage — A situation in which capital, or income, exits an economy, or system, rather than remains within it. In economics, leakage refers to outflow from a circular flow of income model. In a two sector model, all individual income is sent back to… …   Investment dictionary

  • leakage — UK [ˈliːkɪdʒ] / US [ˈlɪkɪdʒ] noun Word forms leakage : singular leakage plural leakages 1) a) [uncountable] the process of leaking a liquid or gas b) [countable/uncountable] an amount of gas or liquid that leaks from something 2) [countable] an… …   English dictionary

  • leakage — leak ► VERB 1) accidentally allow contents to escape or enter through a hole or crack. 2) (of liquid, gas, etc.) escape or enter accidentally through a hole or crack. 3) intentionally disclose (secret information). 4) (of secret information)… …   English terms dictionary

  • leakage — leak|age [ˈli:kıdʒ] n [U and C] 1.) when gas, water etc leaks in or out, or the amount of it that has leaked 2.) the deliberate spreading of secret information ▪ leakages of confidential information …   Dictionary of contemporary English

  • leakage of information — revealing of classified information …   English contemporary dictionary

  • leakage — leak|age [ likıdʒ ] noun 1. ) uncount the process of leaking a liquid or gas a ) count or uncount an amount of gas or liquid that leaks out of something 2. ) count an occasion when secret or private information is told to reporters …   Usage of the words and phrases in modern English

  • leakage —    the persistent unauthorized release of confidential information    What happens when there is a leak1.     We discussed leakages. Lady S. said that the surest way of making people repeat things was to say Don t quote me . (Colville, 1967) …   How not to say what you mean: A dictionary of euphemisms

Share the article and excerpts

Direct link
Do a right-click on the link above
and select “Copy Link”