On Tue, 9 Oct 2001, Michael T. Babcock wrote: > On Tue, Oct 09, 2001 at 11:14:27AM -0400, Michael H. Warfield wrote: > > These changes cause SSH to send packets unless request not to, exactly > > every 50 ms. IF no data is ready to be sent, SSH will send a bogus > > packet with 16 bytes of data (which is the same size as most > > keystrokes). Thus someone performing timing analysis cannot determine > > the inter keystroke timing of a user. > > I'm not a professional cryptographer by any means, but my math experience tells me that it shouldn't be hard to analyse such traffic and remove the packets that are exactly 50ms apart. Random timings would make life more difficult. > > For reference, envelopes designed to make reading the contents more difficult do not have a pattern of dots or lines on the insides, but relatively random strokes that could look like any typed character. This makes reading the contents near-impossible. > The ssh protocol already send passwords as a single block as far as I can remember from last time I read the protocol specification. There will however be a problem with keystroke timing unless you type a password on the machine you log in to. That is if you log in a root "su" or in some other way types a password. Now a lot people will do exactly. Most sysadmins will not log on remotely directly as root, and so this attack will be possible. Other people have sugested to insert random junk packets to disrupt such trafic analysis. There are however several other possible ways to make it hard to get useful keystroke timing. One is the one already mentioned, to collect the whole password before sending it. That could be done by detecting the password terminal mode (which is when the character you type not are displayed, like su and telnet and - yes ssh does). This could be in addition to the timing regularisation patch, that also will protect normal typing. Ideally such regularisation should be in the terminal itself, since otherwise, every terminal based system have to fix this separately. -- Gisle Sælensminde ( gisle@xxxxxxxxx ) With sufficient thrust, pigs fly just fine. However, this is not necessarily a good idea. It is hard to be sure where they are going to land, and it could be dangerous sitting under them as they fly overhead. (from RFC 1925) Linux-crypto: cryptography in and on the Linux system Archive: http://mail.nl.linux.org/linux-crypto/
