On Wed, Apr 11, 2012 at 11:06 AM, Marsh Ray <ma...@extendedsubset.com> wrote: > http://mosh.mit.edu/ > http://mosh.mit.edu/mosh-paper-draft.pdf
Very interesting. It's basically a VNC/RDP-like protocol but for terminal applications. > Hat's off to anyone brave enough to consider a correct and supportable MitM > on something as complex as the ANSI/vt UTF-8 terminal protocol. The MITM would first have to break the crypto (or otherwise find an MITM vuln in the authentication protocol). > It occurred to me that if Mosh could allow the client to hide the > inter-keystroke timing (and perhaps that of the response too) with minimal > disruption, it could represent a great mitigation for the timing attack > vulnerability presented by SSH's (effectively) packet-per-keystroke model. I think mosh would need a setting for an amount of time to buffer keystrokes for, because if the RTT is too small and mosh does not impose a buffer time then the inter-keystroke timings will be exposed. Add in the heartbeat messages being timed on a small multiple of the buffer time and I think we'd be doing a good job of hiding timing information (or at least we'd be getting close to doing a good job of it). Nico -- _______________________________________________ cryptography mailing list cryptography@randombit.net http://lists.randombit.net/mailman/listinfo/cryptography