On Mon, Aug 16, 2004 at 12:01:49AM +0100, James Wilkinson wrote:
> On the possibility of "sniffing" a password sent through an SSH-encrypted
> tunnel:
>
> There was a series of papers some time ago -- one of them is at
> http://www.cs.virginia.edu/cs588/projects/reports/team4.pdf -- which
> claimed that it was possible to guess which keys a user presses by
> measuring the time between keystrokes.
>
> SSH sessions tend to send one packet for each key the user presses, so
> this data could be visible to an attacker with access to the data
> stream. The theory goes that the attacker could guess when passwords
> were being entered, because normally when a user types a key, the server
> displays something. When passwords are sent, this doesn't happen, and
> an attacker can see the lack of screen updates.
>
> It is supposed to weaken passwords by a factor of 50: very roughly, it
> would make a 6-character password as easy to crack as a 5-character
> password without this data.

Countermeasures have already been implemented (timing jiggers and
normalization). It was a cute trick but easy to defeat through a
number of tricks.

All my passwords are "touch type". I can't even type them if I look at
the keyboard (because I'm thinking about them too much).

> James.
> --
> E-mail address: james | 'In a serial interface, the data bits move down a
> @westexe.demon.co.uk  | single channel one after the other, like railway
>                       | trains. This is different from the parallel interface
>                       | in which groups of bits arrive together, like London
>                       | buses.' -- 'The Computer Dictionary', Jon Wedge

Mike
--
 Michael H. Warfield    |  (770) 985-6132   |  mhw@xxxxxxxxxxxx
  /\/\|=mhw=|\/\/       |  (678) 463-0932   |  http://www.wittsend.com/mhw/
  NIC whois:  MHW9      |  An optimist believes we live in the best of all
 PGP Key: 0xDF1DD471    |  possible worlds.  A pessimist is sure of it!
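The normalization idea mentioned in the reply, modelled as an added example (not code from this thread or from any SSH implementation): keystroke packets leave only on a fixed clock and idle ticks carry same-sized padding, so an observer sees constant gaps instead of the typing rhythm. The tick length, tail length and keystroke times are constructed assumptions.

```python
import math

TICK_MS = 20     # assumed fixed send interval (constructed value)
TAIL_TICKS = 5   # assumed padding packets sent after the last real key

def wire_schedule(press_ms, tick_ms=TICK_MS, tail_ticks=TAIL_TICKS):
    """Map keystroke times to (send_time_ms, is_real) packets on a fixed clock.

    Each tick sends exactly one packet: the oldest pending keystroke if one
    is waiting, otherwise padding the peer would discard.
    """
    queue = sorted(press_ms)
    if not queue:
        return []
    t = math.ceil(queue[0] / tick_ms) * tick_ms   # first tick at/after first key
    out, i, tail = [], 0, 0
    while i < len(queue) or tail < tail_ticks:
        if i < len(queue) and queue[i] <= t:
            out.append((t, True))                 # real keystroke, delayed to tick
            i += 1
        else:
            out.append((t, False))                # padding fills the idle tick
            if i == len(queue):
                tail += 1                         # count padding after last key
        t += tick_ms
    return out

def observed_gaps(times_ms):
    """Inter-packet gaps, which is all a passive observer of the stream gets."""
    return [b - a for a, b in zip(times_ms, times_ms[1:])]

# Constructed keystroke timestamps (ms) for two different typing rhythms.
RHYTHM_A = [0, 95, 180, 310]
RHYTHM_B = [0, 240, 290, 610]

if __name__ == "__main__":
    for name, presses in (("A", RHYTHM_A), ("B", RHYTHM_B)):
        wire = wire_schedule(presses)
        print(name, "raw gaps:", observed_gaps(presses))
        print(name, "wire gaps:", sorted(set(observed_gaps([t for t, _ in wire]))))
        # The burst length (number of packets) is still visible in this model.
        print(name, "packets on wire:", len(wire))
```

In this model the per-key rhythm is hidden but the overall length of the typing burst is not; adding random jitter or a randomized tail would be a separate measure.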