Not logged in
Log in now
Create an account
Subscribe to LWN
Pencil, Pencil, and Pencil
Dividing the Linux desktop
LWN.net Weekly Edition for June 13, 2013
A report from pgCon 2013
Little things that matter in language design
You could also randomly time shift keys characters by a 1ms or two every so often. I don't think a user would notice that.
Buffer keys at 100 ms intevals
Posted Sep 18, 2008 18:17 UTC (Thu) by felixfix (subscriber, #242)
Posted Sep 18, 2008 19:29 UTC (Thu) by docwhat (subscriber, #40373)
Ideally, the packets should be the same size, so keys and chaff should both be the same structure except that the chaff has an extra bit saying it's chaff.
An alternative that may be implementable now (I don't know much about the SSHv2 protocol) is to use a bogus encryption key so that it is rejected on the receiving side. That'll add additional confusion to anyone trying to break the stream as they'll have to separate the differently encrypted packets from one another.
Copyright © 2013, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds