Nico,
This isn't steganography but a timing attack. However, the timing attack
isn't focused on the cipher but the user. Basically, let's assume that
you are an attacker. All you have are the timing sequences of packets
between a client and a host. The question is if you can take the timing
between each packet to tell you anything about the data being sent.
You can make some assumptions -
1) It's an interactive session.
2) The person behind the interactive session is trained in touch typing
(this won't work as well with self-taught/hunt-and-peck/whatever typists
because the "fist", if we want to go back to the old Morse code
terminology, is going to be much more idiosyncratic and harder to model).
What you know is that it takes a certain amount of time for a finger to
travel from the home row to a specific key and from that key to another
key in a well known language. You also know that SSH doesn't delay
sending packets and that each individual character is represented by a
new packet. As such the pause between each individual packet roughly
corresponds to the time between each key press.
Since you can model the time between key presses (given that the person is
trained in touch typing) for pairs of letters you may be able to use
that to gain some entry into what the person is actually typing during
the session.
If you can figure out even a relatively small percentage of letters you
can possibly recreate large portions of the text and, from that, maybe
even figure out the encryption key being used.
The Soviets did something similar to this when they bugged the American
embassy in Moscow. However, in this case they did a timing attack on the
movement of the type ball in IBM Selectrics which might have made it
easier.
https://arstechnica.com/information-technology/2015/10/how-soviets-used-ibm-selectric-keyloggers-to-spy-on-us-diplomats/
Chris
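As an added illustration (not code from this thread and not OpenSSH's own code), here is a small Python model of the two situations described above: the passthrough case, where every keystroke leaves as its own packet the moment it is typed, so the gaps an observer sees on the wire equal the inter-keystroke gaps, and a fixed-clock sender that only transmits on a 20 ms tick and pads with chaff packets, which removes the rhythm at the cost of extra packets and up to one tick of added latency. The keystroke times, the 20 ms tick and the chaff count are constructed assumptions.

```python
# Added illustration, not OpenSSH code: keystroke rhythm on the wire with
# and without a fixed-clock sender. All timing values are constructed.

TICK_MS = 20       # fixed send interval for the obfuscated sender (assumption)
CHAFF_TICKS = 8    # dummy packets sent after the last real keystroke (assumption)

# Constructed absolute keystroke times (ms) for a short touch-typed burst.
KEYSTROKES_MS = [0, 95, 230, 400, 520]


def passthrough_schedule(key_times_ms):
    """No mitigation: each keystroke leaves immediately as its own packet."""
    return [(t, "key") for t in sorted(key_times_ms)]


def fixed_clock_schedule(key_times_ms, tick=TICK_MS, chaff=CHAFF_TICKS):
    """Send only on clock ticks. Keystrokes wait for the next tick (all that
    arrived since the previous tick share one packet); while the user is
    idle, chaff packets keep the stream going, and the sender stops only
    after `chaff` idle ticks following the last keystroke. Simplification:
    a real implementation bounds the chaff between keys too, so pauses
    longer than the chaff window remain visible to an observer."""
    pending = sorted(key_times_ms)
    if not pending:
        return []
    t = -(-pending[0] // tick) * tick      # first tick at or after first key
    schedule, idle = [], 0
    while pending or idle < chaff:
        if pending and pending[0] <= t:
            while pending and pending[0] <= t:   # coalesce queued keystrokes
                pending.pop(0)
            schedule.append((t, "key"))
            idle = 0
        else:
            schedule.append((t, "chaff"))
            idle += 1
        t += tick
    return schedule


def wire_gaps(schedule):
    """What a passive observer sees: only inter-packet gaps. Encrypted key
    and chaff packets look alike, so the labels are dropped here."""
    times = [t for t, _ in schedule]
    return [b - a for a, b in zip(times, times[1:])]


def rhythm_leaked(key_times_ms, schedule):
    """True if the wire gaps reproduce the inter-keystroke gaps exactly."""
    ks = sorted(key_times_ms)
    return wire_gaps(schedule) == [b - a for a, b in zip(ks, ks[1:])]
```

OpenSSH later shipped a scheme of this shape (fixed 20 ms send interval plus chaff after the last keystroke, the ObscureKeystrokeTiming client option in 9.5), so the trade-off is latency and bandwidth rather than impossibility.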
On 8/5/23 3:07 PM, Nico Kadel-Garcia wrote:
> On Thu, Aug 3, 2023 at 2:35 PM Chris Rapier <rapier@xxxxxxx> wrote:
>> Howdy all,
>> So, one night over beers I was telling a friend how you could use the
>> timing between key presses on a typewriter to extract information.
>> Basically, you make some assumptions about the person typing (touch
>> typing at so many words per second and then fuzzing the parameters until
>> words come out).
>> Then I found a paper written back in 2001 that talked about using the
>> interpacket timing in interactive sessions to leak information.
>> https://people.eecs.berkeley.edu/~dawnsong/papers/ssh-timing.pdf
>> I'm sure this has been addressed (or dismissed) but I'm looking for the
>> specific section of code that might deal with this. Any pointers?
>> Thanks,
>> Chris
> Why would any code "deal with this"? What you're describing is a form
> of steganography, embedding another subtler, more dangerous message
> inside the larger, safer, apparent message. Because there are so many
> ways to hide such data, it's not even theoretically possible to avoid
> altogether. OpenSSH would be the wrong layer of the stack to
> manipulate this, especially given the attempts to improve interactive
> behavior by improving responsiveness and reducing latency. If you're
> making a system as swift and responsive as possible, it becomes very
> difficult to regulate the timing of what may be human driven
> interactions. And if you're going to manipulate packet delays...
> that's at the network layer or data layer, layer 2 or layer 3 of the
> OSI stack. OpenSSH is more at the transport layer.
> I don't see how OpenSSH could be written to avoid this without
> sacrificing the responsiveness of interactive sessions.
_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev@xxxxxxxxxxx
https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev