Re: Packet Timing and Data Leaks



Damien Miller wrote:
> On Thu, 3 Aug 2023, Chris Rapier wrote:
>> Howdy all,
>> So, one night over beers I was telling a friend how you could use the timing
>> between key presses on a typewriter to extract information. Basically, you
>> make some assumptions about the person typing (touch typing at so many words
>> per second and then fuzzing the parameters until words come out).
>> Then I found a paper written back in 2001 that talked about using the interpacket
>> timing in interactive sessions to leak information.
>> I'm sure this has been addressed (or dismissed) but I'm looking for the
>> specific section of code that might deal with this. Any pointers?
> The main issue raised in that paper was that it was trivially detectable
> when terminal echo was switched off and so an attacker could specifically
> observe the moments when users were typing their passwords into (say)
> sudo. This got fixed around the time the paper was released IIRC,
> search for "Simulate echo" in channels.c:channel_handle_wfd().
> The broader issue of hiding all potential keystroke timing is not yet fixed.

The keystroke timing issue would be solved by adding LINEMODE support as I did back in 2010.

The code is still available here
If there's sufficient interest this time, I can probably bring it all up to date with
a current OpenSSH version. I won't bother if it meets the same apathy as last time.

  -- Howard Chu
  CTO, Symas Corp. 
  Director, Highland Sun
  Chief Architect, OpenLDAP
openssh-unix-dev mailing list
