Call for testing for 3.6: password expiry?

Ben Lindstrom mouring at etoh.eviladmin.org
Sun Mar 23 15:28:11 EST 2003


On Sun, 23 Mar 2003, Darren Tucker wrote:

[..]
>
> Ben Lindstrom wrote:
> [about password expiry]
> > I still don't know enough about SIA, but the way the RFC works is they
> > want the password change to occur in an non-interactive way to try and
> > remove timing attacks for passwording guessing.
>
> Could you elaborate on these timing attacks, and would password change
> via keyboard-interactive be succeptible to them?
>

If you follow all of the discussion in regards to cryptology and the idea
that you can 'leak' information based on timing of activities.   Then you
can come to see that the RFC decided to avoid the pit falls by having the
password sent as a single encrypted block instead of as a stream of
smaller blocks.

http://paris.cs.berkeley.edu/~dawnsong/papers/ssh-timing.pdf

That paper discusses some of the methods that could be implemented in an
attempt to gleam what the user is doing.  Granted, I'm not sure how
realist some of these timing attacks are.

As for the relationship to Keyboard Interaction.  I've not gotten around
to that aspect of SSH.  So I can't comment.

- Ben




More information about the openssh-unix-dev mailing list