User: Password:
|
|
Subscribe / Log in / New account

Re: Patching a SSH 'Weakness'

From:  Darrin Chandler <dwchandler-AT-stilyagin.com>
To:  Hari <innomotive-AT-gmail.com>
Subject:  Re: Patching a SSH 'Weakness'
Date:  Wed, 10 Sep 2008 19:21:27 -0700
Message-ID:  <20080911022127.GD21025@tuppy.intrepidhosting.net>
Cc:  neffk-AT-ieee.org, misc-AT-openbsd.org
Archive-link:  Article

On Thu, Sep 11, 2008 at 10:06:27AM +0900, Hari wrote:
> On Thu, Sep 11, 2008 at 4:58 AM, Kevin Neff <kevin.l.neff@gmail.com> wrote:
> > Hi,
> >
> > Some secure protocols like SSH send encrypted keystrokes
> > as they're typed.  By doing timing analysis you can figure
> > out which keys the user probably typed (keys that are
> > physically close together on a keyboard can be typed
> > faster).  A careful analysis can reveal the length of
> > passwords and probably some of password itself.
> >
> > The paper:
> >
> >  http://portal.acm.org/citation.cfm?
> >  id=1267612.1267637&coll=Portal&dl=GUIDE&CFID=1943417&C
> >  FTOKEN=28290455
>
> The paper itself is not accessible. Prima facie, this looked like a
> technology-in-search-of-a-problem kinda thing to me. For now, it
> sounds like bull.
> However, there are atleast 10 references to keystoke
> timing/characteristics. That this 'weakness' holds water is a
> judgement call. Of course, one can make any kind of conclusion only
> after studying the paper/references.

I remember reading that or a similar paper a while back. The idea has
been around for longer. Is it a weakness? Yes, I'd say so. I can't
comment on how serious it is, but at first blush not too serious. Making
OpenSSH immune would be nice, as a proactive step.

The reason why I think it's a weakness is that you can gather statistics
on typing and use those to infer things. I.e., you can extract
meaningful information from the encrypted session. If you're snooping on
ssh and see a short burst of typing followed by another ssh session from
the remote machine you can guess they typed 'ssh host.example.com' by
the length of typing and the host connected to. Nice crib. Oh, after
than connect was there another short burst? Probably the password. How
many keystrokes can probably be inferred. Perhaps stats on interkey
timing can be used to make some intelligent guesses, such as the 4th
char is NOT punctuation because is followed char 3 too closely. Or
whatever.

Just because this takes real work and isn't in a popular script kiddie
tool doesn't mean you should discount it. Traffic analysis of one kind
or another has a long history of paying off well.

--
Darrin Chandler            |  Phoenix BSD User Group  |  MetaBUG
dwchandler@stilyagin.com   |  http://phxbug.org/      |  http://metabug.org/
http://www.stilyagin.com/  |  Daemons in the Desert   |  Global BUG
Federation

[demime 1.01d removed an attachment of type application/pgp-signature]




(Log in to post comments)


Copyright © 2008, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds