Re: Patching a SSH 'Weakness'

view
thread

Previous message: [thread] [date] [author]
Next message: [thread] [date] [author]

From: Mike M

Date: Friday, September 12, 2008 - 5:01 am

On 9/10/2008 at 2:58 PM Kevin Neff wrote:

|Hi,
|
|Some secure protocols like SSH send encrypted keystrokes
|as they're typed.  By doing timing analysis you can figure
|out which keys the user probably typed (keys that are
|physically close together on a keyboard can be typed
|faster).  A careful analysis can reveal the length of
|passwords and probably some of password itself.
 =============


quoted text>> (keys that are physically close together on a keyboard
>> can be typed faster).


I do not agree with that statement.   Using two fingers I can hit the "A" and
"L" keys nearly simultaneously (probably could even hit them simultaneously if
I tried enough).

The statement seems to rely upon the typist being a one-finger typer.

Previous message: [thread] [date] [author]
Next message: [thread] [date] [author]

Messages in current thread:

Patching a SSH 'Weakness', Kevin Neff, (Wed Sep 10, 12:58 pm)

Re: Patching a SSH 'Weakness', Damien Miller, (Wed Sep 10, 5:59 pm)

Re: Patching a SSH 'Weakness', Hari, (Wed Sep 10, 6:06 pm)

Re: Patching a SSH 'Weakness', Marco Peereboom, (Wed Sep 10, 6:50 pm)

Re: Patching a SSH 'Weakness', Darrin Chandler, (Wed Sep 10, 7:21 pm)

Re: Patching a SSH 'Weakness', STeve Andre', (Wed Sep 10, 7:56 pm)

Re: Patching a SSH 'Weakness', Aaron Glenn, (Wed Sep 10, 9:40 pm)

Re: Patching a SSH 'Weakness', Johan Beisser, (Wed Sep 10, 10:35 pm)

Re: Patching a SSH 'Weakness', Damien Miller, (Wed Sep 10, 11:28 pm)

Re: Patching a SSH 'Weakness', Paul de Weerd, (Thu Sep 11, 1:49 am)

Re: Patching a SSH 'Weakness', STeve Andre', (Thu Sep 11, 5:50 am)

Re: Patching a SSH 'Weakness', Giancarlo Razzolini, (Thu Sep 11, 8:06 am)

Re: Patching a SSH 'Weakness', Mike M, (Fri Sep 12, 5:01 am)

Re: Patching a SSH 'Weakness', Kevin Neff, (Fri Sep 12, 7:02 am)

Re: Patching a SSH 'Weakness', johan beisser, (Fri Sep 12, 2:32 pm)