Packet Timing and Data Leaks
Chris Rapier
rapier at psc.edu
Fri Aug 4 04:34:34 AEST 2023
Howdy all,
So, one night over beers I was telling a friend how you could use the
timing between key presses on a type writer to extract information.
Basically, you make some assumptions about the person typing (touch
typing at so many words per second and then fuzzing the parameters until
words come out).
The I found a paper written back in 2001 talked about using the
interpacket timing in interactive sessions to leak information.
https://people.eecs.berkeley.edu/~dawnsong/papers/ssh-timing.pdf
I'm sure this has been addressed (or dismissed) but I'm looking for the
specific section of code that might deal with this. Any pointers?
Thanks,
Chris
More information about the openssh-unix-dev
mailing list