On Tue, Oct 09, 2001 at 11:14:27AM -0400, Michael H. Warfield wrote: > These changes cause SSH to send packets unless request not to, exactly > every 50 ms. IF no data is ready to be sent, SSH will send a bogus > packet with 16 bytes of data (which is the same size as most > keystrokes). Thus someone performing timing analysis cannot determine > the inter keystroke timing of a user. I'm not a professional cryptographer by any means, but my math experience tells me that it shouldn't be hard to analyse such traffic and remove the packets that are exactly 50ms apart. Random timings would make life more difficult. For reference, envelopes designed to make reading the contents more difficult do not have a pattern of dots or lines on the insides, but relatively random strokes that could look like any typed character. This makes reading the contents near-impossible. -- Michael T. Babcock http://www.fibrespeed.net/~mbabcock/ Linux-crypto: cryptography in and on the Linux system Archive: http://mail.nl.linux.org/linux-crypto/
