openssh and keystroke timing attacks (again)

Andrew Clausen clausen at
Tue Dec 28 09:53:51 EST 2010

Hi Damien,

On 27 December 2010 17:06, Damien Miller <djm at> wrote:
> I'd like to have better keystroke timing countermeasures in OpenSSH, but
> they are just too intrusive under the current mainloop design. I'd like
> to renovate the mainloop some time and this would make implementing things
> like this quite a bit more easy.

Yes, I agree that the client_loop() could do with some renovation.
What did you have in mind?

For what it's worth, I actually implemented most of my proposal before
finding Jason's patch from 10 years ago.  I only implemented the idea
of only checking for input at regular intervals... there are no dummy
messages, but that is trivial to add.  I attached my patch (against
the source I lazily acquired via Ubuntu's 10.10 apt-get source).

The main structural ingredient in the patch is a wrapper to select(2).
This allows the caller to specify a list of timing events to be woken
up on, in addition to file activity events.  This makes it easier to
"multiplex" multiple timing events such as tcp_keep_alive and
keystroke countermeasures along with the I/O events.  The wrapper's
prototype and commentary follow:

/* This wrapper to select(2) allows the user to supply a list of sleep times
 * to be woken up on.  The process is woken up either after activity on the
 * fds, or when the soonest sleep time arrives.  In the latter case, the
 * index of the relevant sleep event is recorded in *active_time.
 */
static int
select_times(int nfds, fd_set *readfds, fd_set *writefds, fd_set *exceptfds,
       int ntimes, struct timeval **times, int *active_time);

I still think client_loop() and client_wait_until_can_do_something()
are still a bit too complicated though.

-------------- next part --------------
A non-text attachment was scrubbed...
Name: hideinputtiming.diff
Type: text/x-patch
Size: 8182 bytes
Desc: not available
URL: <>
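The select(2) wrapper described in the message, written out as an added example: this is not the hideinputtiming.diff patch and not OpenSSH code. It follows the quoted select_times() prototype and adds the fixed-interval idea the countermeasure relies on (the terminal is only polled on interval boundaries, so the wake-up time does not reveal when the keystroke arrived). The helper names, the choice of absolute deadlines for the `times` entries, and the demo inputs are assumptions made here.

```c
/* Added example, not the patch attached to the e-mail: a select(2) wrapper
 * multiplexing absolute wake-up deadlines with fd activity, following the
 * select_times() prototype quoted in the message. Helper names, absolute
 * deadlines and the demo inputs are assumptions. */
#include <sys/select.h>
#include <sys/time.h>
#include <stddef.h>
#include <unistd.h>

static long long
tv_to_usec(const struct timeval *t)
{
    return (long long)t->tv_sec * 1000000LL + t->tv_usec;
}

/* Index of the earliest non-NULL deadline, or -1 when the list is empty. */
static int
soonest_deadline(int ntimes, struct timeval **times)
{
    int i, best = -1;

    for (i = 0; i < ntimes; i++)
        if (times[i] != NULL &&
            (best < 0 || tv_to_usec(times[i]) < tv_to_usec(times[best])))
            best = i;
    return best;
}

/* Relative timeout from now until deadline, clamped to zero when already due. */
static void
deadline_to_timeout(const struct timeval *now, const struct timeval *deadline,
    struct timeval *timeout)
{
    long long d = tv_to_usec(deadline) - tv_to_usec(now);

    if (d < 0)
        d = 0;
    timeout->tv_sec = d / 1000000LL;
    timeout->tv_usec = d % 1000000LL;
}

/* Wait for fd activity or the soonest deadline, whichever comes first.
 * Returns select(2)'s result. On timeout (0) *active_time is the index of
 * the deadline that fired; on fd activity or error it is -1. */
static int
select_times(int nfds, fd_set *readfds, fd_set *writefds, fd_set *exceptfds,
    int ntimes, struct timeval **times, int *active_time)
{
    struct timeval now, timeout, *tp = NULL;
    int soonest, ret;

    *active_time = -1;
    soonest = soonest_deadline(ntimes, times);
    if (soonest >= 0) {
        gettimeofday(&now, NULL);
        deadline_to_timeout(&now, times[soonest], &timeout);
        tp = &timeout;
    }
    ret = select(nfds, readfds, writefds, exceptfds, tp);
    if (ret == 0)
        *active_time = soonest;
    return ret;
}

/* The countermeasure polls the terminal only on a fixed grid: this is the
 * next grid point strictly after now_usec, whatever the keystroke time. */
static long long
next_tick_usec(long long now_usec, long interval_usec)
{
    return (now_usec / interval_usec + 1) * interval_usec;
}

/* Demo (constructed): no fds, deadline 0 is the epoch (already due),
 * deadline 1 is an hour away. Expect return 0 and active_time == 0. */
static int
demo_timer_fires(void)
{
    struct timeval past = { 0, 0 }, far, *times[2] = { &past, &far };
    int active = -2;

    gettimeofday(&far, NULL); far.tv_sec += 3600;
    if (select_times(0, NULL, NULL, NULL, 2, times, &active) != 0)
        return -100;
    return active;
}

/* Demo (constructed): a pipe holding one byte and a deadline an hour away.
 * Expect return 1, the read fd set, and active_time == -1. */
static int
demo_fd_ready(void)
{
    int fds[2], active = -2, ret;
    fd_set rfds;
    struct timeval far, *times[1] = { &far };

    if (pipe(fds) != 0 || write(fds[1], "x", 1) != 1)
        return -100;
    gettimeofday(&far, NULL); far.tv_sec += 3600;
    FD_ZERO(&rfds); FD_SET(fds[0], &rfds);
    ret = select_times(fds[0] + 1, &rfds, NULL, NULL, 1, times, &active);
    close(fds[0]); close(fds[1]);
    if (ret != 1 || !FD_ISSET(fds[0], &rfds))
        return -100;
    return active;
}
```

A client loop built on this would keep one deadline for the keep-alive and one for the keystroke grid (computed with next_tick_usec()), pass both to select_times(), and only read the terminal when active_time names the grid entry; an early fd wake-up from the terminal is then deliberately left unread until the next grid point.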
