Packet Timing and Data Leaks

Chris Rapier rapier at psc.edu
Fri Aug 4 04:34:34 AEST 2023


Howdy all,

So, one night over beers I was telling a friend how you could use the 
timing between key presses on a type writer to extract information. 
Basically, you make some assumptions about the person typing (touch 
typing at so many words per second and then fuzzing the parameters until 
words come out).

The I found a paper written back in 2001 talked about using the 
interpacket timing in interactive sessions to leak information. 
https://people.eecs.berkeley.edu/~dawnsong/papers/ssh-timing.pdf

I'm sure this has been addressed (or dismissed) but I'm looking for the 
specific section of code that might deal with this. Any pointers?

Thanks,

Chris


More information about the openssh-unix-dev mailing list