Damien Miller wrote:
> On Thu, 3 Aug 2023, Chris Rapier wrote:
>
>> Howdy all,
>>
>> So, one night over beers I was telling a friend how you could use the timing
>> between key presses on a typewriter to extract information. Basically, you
>> make some assumptions about the person typing (touch typing at so many words
>> per second and then fuzzing the parameters until words come out).
>>
>> Then I found a paper written back in 2001 that talked about using the
>> interpacket timing in interactive sessions to leak information.
>> https://people.eecs.berkeley.edu/~dawnsong/papers/ssh-timing.pdf
>>
>> I'm sure this has been addressed (or dismissed) but I'm looking for the
>> specific section of code that might deal with this. Any pointers?
>
> The main issue raised in that paper was that it was trivially detectable
> when terminal echo was switched off and so an attacker could specifically
> observe the moments when users were typing their passwords into (say)
> sudo. This got fixed around the time the paper was released IIRC,
> search for "Simulate echo" in channels.c:channel_handle_wfd().
>
> The broader issue of hiding all potential keystroke timing is not yet fixed.

The keystroke timing issue would be solved by adding LINEMODE support as I did back in 2010.
https://lists.mindrot.org/pipermail/openssh-unix-dev/2010-June/028732.html

The code is still available here
https://github.com/hyc/OpenSSH-LINEMODE/

If there's sufficient interest this time, I can probably bring it all up to date with a current OpenSSH version. I won't bother if it meets the same apathy as last time.

--
  -- Howard Chu
  CTO, Symas Corp.           http://www.symas.com
  Director, Highland Sun     http://highlandsun.com/hyc/
  Chief Architect, OpenLDAP  http://www.openldap.org/project/
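
The effect of line-at-a-time sending on what packet timing reveals, as an added example that is not part of the messages above and is not OpenSSH or LINEMODE patch code. It is a small model: the function names, the sample timings and the definition of an "exposed" interval are all assumptions made for illustration.

```python
# Added illustration (a model, not OpenSSH code): which typing intervals are
# visible in packet timing under two sending policies.

# Constructed sample: (time in ms, character typed). All values are made up.
KEYSTROKES = [
    (0, "l"), (140, "s"), (300, "\n"),
    (2300, "s"), (2410, "u"), (2590, "d"), (2700, "o"), (2950, "\n"),
    (4000, "p"), (4210, "a"), (4290, "s"), (4520, "s"), (4800, "\n"),
]

def char_mode(keys):
    """Character-at-a-time: every keystroke is sent the moment it is typed."""
    return [(t, 1) for t, _ in keys]          # (send time, payload bytes)

def line_mode(keys):
    """Line-at-a-time: the client edits locally and sends on newline only."""
    packets, pending = [], 0
    for t, ch in keys:
        pending += 1
        if ch == "\n":
            packets.append((t, pending))      # one packet carries the line
            pending = 0
    return packets

def exposed_intervals(keys, packets):
    """Inter-keystroke gaps an on-path observer can read from packet times:
    a gap is exposed when both of its keystrokes triggered their own packet."""
    sent = {t for t, _ in packets}
    return [b - a for (a, _), (b, _) in zip(keys, keys[1:])
            if a in sent and b in sent]

def summary(keys):
    """Per policy: packet count, exposed gaps (ms), payload size per packet."""
    out = {}
    for name, policy in (("char", char_mode), ("line", line_mode)):
        pkts = policy(keys)
        out[name] = {
            "packets": len(pkts),
            "exposed": exposed_intervals(keys, pkts),
            "sizes": [n for _, n in pkts],
        }
    return out

if __name__ == "__main__":
    for mode, result in summary(KEYSTROKES).items():
        print(mode, result)
```

In this model line mode exposes no inter-keystroke gaps, but the per-packet sizes and the time between lines remain visible, so it addresses per-key timing rather than all traffic analysis.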