Hi again random readers,
Just adding some credit and historical background to this thread .
The issue of keyboard timing leakage had already been raised long before:
where /dev/random blocking (instead of entropy available in this thread) is
the keyboard-timing side channel
Thanks to 

Best regards,

PS By the way, just so that I could be more sure about the topic of this
thread, I had tried to write some shell scripts that distinguish keyboard
inputs (button clicks and slow mouse movements) from any other entropy
inputs - using the way that the entropy available changes over time.  (But
without any precise timing info :) Basically, I noticed that with no
keyboard input or mouse movement - on my test device, a laptop, - the
pattern is that the entropy available usually increases by 1 every second or
so, and occasionally decreases by some larger amount. (I have no clue why.)
By contrast,  any keyboard input, mouse clicks/scrolls, or slow mouse
movement, seems to cause a more rapid increase.  (No clue why, either.)
Based on this pattern, I was able to devise a script that detected keyboard
input, with occasional false positives (one a minute?).  Of course, other
systems, Linux versions, may not have this pattern.  I would guess that this
pattern would only hold on a subset of personal laptops and Linux versions.
# Try this loop to look for a pattern like the one above 
while true; do printf \\r%5s%5s $(cat /proc/sys/kernel/random/entropy_avail)
bits; done

Attachment: smime.p7s
Description: S/MIME cryptographic signature

dsfjdssdfsd mailing list

Reply via email to