Secure communications over a public channel between two parties is often achieved by the use of some form of encryption. The original data and a confidential data can be encrypted by the sender and decrypted by the recipient. The original data is sent separately, followed by the confidential data. Any attacker able to intercept the transmission on the communications channel, but lacking the decryption key may be unable to determine the content of the original data unless they break the encryption cipher. Alternatively, both the original data and the confidential data can be encrypted and sent together.
A disadvantage of transmitting the confidential data as a second stream of stand-alone data is that, although an attacker may need to break the encryption cipher to access the content of the data, it is relatively easy for an attacker to distinguish the primary data from the confidential data streams by observing the traffic on the communication channel, and thus, intercepting the confidential data. This may lead to more targeted attacks to identify or decipher the confidential data.
A disadvantage of transmitting confidential message and a primary message that are encrypted together and sent out together is that, the attacker can determine the difference in packet sizes of the messages being transmitted. This can lead the attacker to conclude that some messages contain confidential messages. This may lead to more targeted attacks to identify or decipher the confidential messages. In addition, a message with and without additional payload may provide an attack vector to the cipher key.