Re: 2.4.22-pre7: are security issues solved?

From: David Wagner (daw@mozart.cs.berkeley.edu)
Date: Wed Jul 23 2003 - 12:50:14 EST


Ville Herva wrote:
>Further, if you monitor the /proc/tty/driver/serial character counts with
>small enough resolution, I guess you could learn the delays between
>individual key presses when the user enters his password. This can be used
>to further aid the brute force attack (delays between different key pairs
>have different average delays statistically, just as different characters
>have different frequencies in a given language. I think there is a paper on
>this, and someone suggested an attack like this for snooping ssh
>passwords.)

Yes. The paper describing the attack on SSH is here:
  http://www.cs.berkeley.edu/~daw/papers/ssh-use01.ps
  http://www.cs.berkeley.edu/~daw/papers/ssh-use01.pdf
  Dawn Xiaodong Song, David Wagner, and Xuqing Tian,
  "Timing Analysis of Keystrokes and Timing Attacks on SSH",
  10th USENIX Security Symposium, 2001.
A nice summary can be found here:
  http://linux.oreillynet.com/lpt/a/linux/2001/11/08/ssh_keystroke.html
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/



This archive was generated by hypermail 2b29 : Wed Jul 23 2003 - 22:00:49 EST