keystroke timing attack

maf at appgate.com
Thu Nov 29 15:41:18 EST 2001


On 28 Nov, Richard E. Silverman wrote:
> 2) In this thread, it is proposed to send dummy packets at either
>    pseudo-random or fixed intervals.  Both of these are of
>    questionable value, as is pointed out both in the article and in
>    the Song et al. paper, as well as in Solar's paper.  The fixed-gap
>    packets will show up as a tall spike in a frequency domain analysis
>    of the timing data, and are easily filtered out.

The idea behind the fixed-packet stream is that all packets are part of
it. That is, the server doesn't send key-presses immediately when they
occur but rather waits for the next time it should send a packet,
according to the interval, and sends the keystroke then instead of the
normal dummy packet. The attacker will only see an even stream of
packets, with the same length, at regular intervals. There is no way for
him to distinguish between the dummy packets and the real ones.

To word it differently: we do not add a stream of fixed packets; instead
we integrate the key presses into the fixed stream.

	/MaF
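The scheme MaF describes, as an added simulation that is not code from OpenSSH or from the poster: the server emits one packet per tick no matter what, keystrokes that arrived since the previous tick ride inside that tick's packet, and an idle tick carries a dummy. The 50 ms interval, the 32-byte payload, and the "count byte, keystrokes, random padding" framing are assumptions chosen for the example; what a passive observer gets is reduced to (time, length) pairs, which is all the timing attack has to work with. The example also covers the edge case the message leaves implicit: more keystrokes arriving within one interval than fit in one payload are queued for later ticks rather than sent early.

```python
import os

INTERVAL_MS = 50      # hypothetical fixed send interval, in milliseconds
PAYLOAD_LEN = 32      # hypothetical fixed payload size in bytes (before encryption)


def encode(keys: bytes, payload_len: int = PAYLOAD_LEN) -> bytes:
    """Pack 0..payload_len-1 keystroke bytes into a fixed-size payload.

    Layout (assumed for this example): one count byte, the keystrokes,
    then random padding. A dummy packet is count 0 followed by padding,
    so every payload has exactly payload_len bytes before encryption.
    """
    if len(keys) > payload_len - 1:
        raise ValueError("too many keystrokes for one payload")
    pad = os.urandom(payload_len - 1 - len(keys))
    return bytes([len(keys)]) + keys + pad


def decode(payload: bytes) -> bytes:
    """Receiver side: recover the real keystrokes (empty for a dummy)."""
    n = payload[0]
    return payload[1:1 + n]


def build_stream(keystrokes, duration_ms, interval_ms=INTERVAL_MS,
                 payload_len=PAYLOAD_LEN):
    """Simulate the server's send loop.

    keystrokes: list of (arrival_time_ms, byte) in arrival order.
    One packet is sent at every tick regardless of input. Keystrokes that
    arrived since the previous tick ride in that tick's packet; if more
    arrive than fit, the excess waits for the next tick (queued, never
    sent early, never dropped). Returns a list of (send_time_ms, payload).
    """
    pending = list(keystrokes)
    max_keys = payload_len - 1
    packets = []
    for t in range(interval_ms, duration_ms + 1, interval_ms):
        batch = bytearray()
        while pending and pending[0][0] <= t and len(batch) < max_keys:
            batch.append(pending.pop(0)[1])
        packets.append((t, encode(bytes(batch), payload_len)))
    return packets


def wire_view(packets):
    """What a passive observer gets: send times and sizes only."""
    return [(t, len(p)) for t, p in packets]


def delivered(packets) -> bytes:
    """Everything the receiver reconstructs, in order, dummies stripped."""
    return b"".join(decode(p) for _, p in packets)


def max_delay_ms(keystrokes, packets) -> int:
    """Worst-case latency added by waiting for the tick: each keystroke is
    matched, in order, to the packet that actually carried it."""
    worst = 0
    i = 0
    for t, p in packets:
        for _ in decode(p):
            worst = max(worst, t - keystrokes[i][0])
            i += 1
    return worst


def typed(text: str, times_ms):
    """Helper to build a constructed keystroke log from text and timings."""
    return list(zip(times_ms, text.encode()))


if __name__ == "__main__":
    # Constructed inputs: a short command typed at human-like gaps, and silence.
    session = typed("ls -l\n", [12, 130, 135, 410, 520, 905])
    idle = []
    a = build_stream(session, 1000)
    b = build_stream(idle, 1000)
    print("observer sees identical traces:", wire_view(a) == wire_view(b))
    print("receiver got:", delivered(a))
    print("worst added latency (ms):", max_delay_ms(session, a))
```

Two things a practitioner would check before trusting this: the padding to a fixed length must happen before encryption, so the ciphertext length on the wire is constant too (the count byte and padding are inside the encrypted payload and invisible to the observer), and the cost is latency, not secrecy: a keystroke waits up to one interval, and a burst larger than one payload spills into the following ticks, which the `max_delay_ms` check makes visible. Neither the burst nor the silence changes the (time, length) trace.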




More information about the openssh-unix-dev mailing list