Re: Patching a SSH 'Weakness'

On 13 Sep 2008, at 04:46 , johan beisser wrote: On Fri, Sep 12, 2008 at 05:42:08PM -0700, johan beisser wrote: It's just a improbable attack. One that's easily defended against by maintaining the interactive shell/echoback and simply push additional Was it you who said earlier that you

Re: Patching a SSH 'Weakness'

Hi! On Fri, Sep 12, 2008 at 07:41:05PM +0300, Toni Spets wrote: Stuart Henderson wrote: On 2008-09-12, [EMAIL PROTECTED] [EMAIL PROTECTED] wrote: To all who opposed the suggestion to send one block of data when the Enter key is pressed: my suggestion strictly referred to the login procedure,

Re: Patching a SSH 'Weakness'

On Saturday 13 September 2008, johan beisser wrote: On Sep 13, 2008, at 5:49 AM, steve szmidt wrote: Yes, the US had it for a while but a recent ruling has reversed that. Really? I never heard of it ever being passed in the first place. If it's the case I'm thinking of, the key couldn't

Re: Patching a SSH 'Weakness'

On 2008-09-14, J.C. Roberts [EMAIL PROTECTED] wrote: In the UK, it seems there's such a law. Page 1: http://networks.silicon.com/mobile/0,39024665,39282266,00.htm Page 2: http://networks.silicon.com/silicon/networks/mobile/0,39024665,39282266-2,00.htm The team cracks low-grade encryption

Re: Patching a SSH 'Weakness'

On Sunday 14 September 2008, Stuart Henderson wrote: On 2008-09-14, J.C. Roberts [EMAIL PROTECTED] wrote: In the UK, it seems there's such a law. Page 1: http://networks.silicon.com/mobile/0,39024665,39282266,00.htm Page 2:

Re: Patching a SSH 'Weakness'

On Saturday 13 September 2008, johan beisser wrote: On Sep 13, 2008, at 5:49 AM, steve szmidt wrote: Yes, the US had it for a while but a recent ruling has reversed that. Really? I never heard of it ever being passed in the first place. If it's the case I'm thinking of, the key couldn't be

Re: Patching a SSH 'Weakness'

On Sep 12, 2008, at 9:43 PM, Darrin Chandler wrote: I'm saying what he's wanting to prevent - Eve watching input and output to figure out passwords, based on keyboard timing and typing patterns - isn't really an easy attack for Eve to accomplish without a huge amount of data being

Re: Patching a SSH 'Weakness'

Am 12.09.2008 um 23:19 schrieb Stuart Henderson: On 2008/09/12 13:59, Marti Martinez wrote: On Fri, Sep 12, 2008 at 1:16 PM, Stuart Henderson [EMAIL PROTECTED] wrote: Wait, how do you know someone is typing a password inside the session and not just writing a text file or typing

Re: Patching a SSH 'Weakness'

On 2008-09-13, Jonathan Schleifer [EMAIL PROTECTED] wrote: Am 12.09.2008 um 23:19 schrieb Stuart Henderson: On 2008/09/12 13:59, Marti Martinez wrote: On Fri, Sep 12, 2008 at 1:16 PM, Stuart Henderson [EMAIL PROTECTED] wrote: Wait, how do you know someone is typing a password inside the

Re: Patching a SSH 'Weakness'

Am 13.09.2008 um 11:36 schrieb Stuart Henderson: Not always. You might connect to another machine and connect out again from there. You could directly connect from your machine to the other machine. You might bring the argument that you can't get a direct connection, but for that purpose, SSH

Re: Patching a SSH 'Weakness'

johan beisser wrote: Given enough time and enough response packets you might be able to figure out which two letter commands were given at any given time. Section 6 of RFC4253[1] should provide some level of masking to which character is typed outbound to the remote system and more than bit on

Re: Patching a SSH 'Weakness'

On Saturday 13 September 2008, Jonathan Schleifer wrote: I don't know a single country where you are forced to hand over keys, but not to hand over passwords -- Jonathan Yes, the US had it for a while but a recent ruling has reversed that. -- Steve Szmidt They that would give up

Re: Patching a SSH 'Weakness'

On Sep 13, 2008, at 3:21 AM, Toni Spets wrote: What about some known patterns like screen (-r) from the start of every session for example in an IRC shell where most people do that first? Could it be used with lots of data to crack open future sessions? I would say yes it's possible. But

Re: Patching a SSH 'Weakness'

On Sep 13, 2008, at 5:49 AM, steve szmidt wrote: Yes, the US had it for a while but a recent ruling has reversed that. Really? I never heard of it ever being passed in the first place. If it's the case I'm thinking of, the key couldn't be compelled from the guy due to how they were trying

Re: Patching a SSH 'Weakness'

To all who opposed the suggestion to send one block of data when the Enter key is pressed: my suggestion strictly referred to the login procedure, not to the later data communication. I did not mention this because I thought it was clear from the context of the original poster who has expressively

Re: Patching a SSH 'Weakness'

On 9/10/2008 at 2:58 PM Kevin Neff wrote: |Hi, | |Some secure protocols like SSH send encrypted keystrokes |as they're typed. By doing timing analysis you can figure |out which keys the user probably typed (keys that are |physically close together on a keyboard can be typed |faster). A careful

Re: Patching a SSH 'Weakness'

On Fri, Sep 12, 2008 at 4:12 AM, [EMAIL PROTECTED] wrote: To all who opposed the suggestion to send one block of data when the Enter key is pressed: my suggestion strictly referred to the login procedure, not to the later data communication. I did not mention this because I thought it was

Re: Patching a SSH 'Weakness'

On 2008-09-12, [EMAIL PROTECTED] [EMAIL PROTECTED] wrote: To all who opposed the suggestion to send one block of data when the Enter key is pressed: my suggestion strictly referred to the login procedure, not to the later data communication. I did not mention this because I thought it was

Re: Patching a SSH 'Weakness'

Thanks for all the comments. I think we're all pretty much on the same page. First order of business is to look at how much of a weakness this may be. Then, implement several potential solutions. Finally, test to see if the fixes improved the situation. I like the idea of mainly patching the

Re: Patching a SSH 'Weakness'

Ted Unangst wrote: On Fri, Sep 12, 2008 at 4:12 AM, [EMAIL PROTECTED] wrote: To all who opposed the suggestion to send one block of data when the Enter key is pressed: my suggestion strictly referred to the login procedure, not to the later data communication. I did not mention this because

Re: Patching a SSH 'Weakness'

Stuart Henderson wrote: On 2008-09-12, [EMAIL PROTECTED] [EMAIL PROTECTED] wrote: To all who opposed the suggestion to send one block of data when the Enter key is pressed: my suggestion strictly referred to the login procedure, not to the later data communication. I did not mention this

Re: Patching a SSH 'Weakness'

On Fri, Sep 12, 2008 at 5:41 PM, Toni Spets [EMAIL PROTECTED] wrote: Stuart Henderson wrote: On 2008-09-12, [EMAIL PROTECTED] [EMAIL PROTECTED] wrote: To all who opposed the suggestion to send one block of data when the Enter key is pressed: my suggestion strictly referred to the login

Re: Patching a SSH 'Weakness'

David Higgs [EMAIL PROTECTED] wrote: When it detects that *s are being echoed instead of the actual input character. I have never seen a password prompt on a UNIX terminal that echo'd *s. -- Jonathan [demime 1.01d removed an attachment of type application/pgp-signature which had a name of

Re: Patching a SSH 'Weakness'

On 2008-09-12, Toni Spets [EMAIL PROTECTED] wrote: Stuart Henderson wrote: On 2008-09-12, [EMAIL PROTECTED] [EMAIL PROTECTED] wrote: To all who opposed the suggestion to send one block of data when the Enter key is pressed: my suggestion strictly referred to the login procedure, not to the

Re: Patching a SSH 'Weakness'

On Fri, Sep 12, 2008 at 1:16 PM, Stuart Henderson [EMAIL PROTECTED]wrote: Wait, how do you know someone is typing a password inside the session and not just writing a text file or typing arbitrary commands? e.g. when eve's machine that's hijacking the network packets picks up an outgoing

Re: Patching a SSH 'Weakness'

On Sep 12, 2008, at 1:16 PM, Stuart Henderson wrote: Wait, how do you know someone is typing a password inside the session and not just writing a text file or typing arbitrary commands? e.g. when eve's machine that's hijacking the network packets picks up an outgoing SSH connection. I'm not

Re: Patching a SSH 'Weakness'

On 2008/09/12 13:59, Marti Martinez wrote: On Fri, Sep 12, 2008 at 1:16 PM, Stuart Henderson [EMAIL PROTECTED]wrote: Wait, how do you know someone is typing a password inside the session and not just writing a text file or typing arbitrary commands? e.g. when eve's machine that's

Re: Patching a SSH 'Weakness'

On 2008/09/12 14:05, johan beisser wrote: I'm not going to say It's impossible. It's not. How about really highly unlikely that Eve will pick up enough useful signal to decrypt which letters are being typed by the user. You might like to read the abstract of the article which started the

Re: Patching a SSH 'Weakness'

On Sep 12, 2008, at 7:02 AM, Kevin Neff wrote: Thanks for all the comments. I think we're all pretty much on the same page. First order of business is to look at how much of a weakness this may be. Then, implement several potential solutions. Finally, test to see if the fixes improved

Re: Patching a SSH 'Weakness'

On Sep 12, 2008, at 2:28 PM, Stuart Henderson wrote: On 2008/09/12 14:05, johan beisser wrote: I'm not going to say It's impossible. It's not. How about really highly unlikely that Eve will pick up enough useful signal to decrypt which letters are being typed by the user. You might like

Re: Patching a SSH 'Weakness'

On Sep 12, 2008, at 2:28 PM, Stuart Henderson wrote: On 2008/09/12 14:05, johan beisser wrote: I'm not going to say It's impossible. It's not. How about really highly unlikely that Eve will pick up enough useful signal to decrypt which letters are being typed by the user. You might like

Re: Patching a SSH 'Weakness'

On Thu, 11 Sep 2008, [EMAIL PROTECTED] wrote: Just off the top of my head (I have to check the SSH protocol yet): Why not encipher all accumulated keystrokes up to the Enter key as a block send them instead of sending each keystroke as it is typed? This shrouds the typist's characteristics.

Re: Patching a SSH 'Weakness'

On Fri, Sep 12, 2008 at 2:05 PM, johan beisser [EMAIL PROTECTED] wrote: ... I'm not going to say It's impossible. It's not. How about really highly unlikely that Eve will pick up enough useful signal to decrypt which letters are being typed by the user. I know that not everyone uses ssh keys,

Re: Patching a SSH 'Weakness'

On Sep 12, 2008, at 3:12 PM, Philip Guenther wrote: On Fri, Sep 12, 2008 at 2:05 PM, johan beisser [EMAIL PROTECTED] wrote: This about security. Being realistic means *not* being optimistic that extracting data will be too hard, too unlikely, only applicable to a subset of people [and

Re: Patching a SSH 'Weakness'

On Fri, 12 Sep 2008, johan beisser wrote: On Sep 12, 2008, at 3:12 PM, Philip Guenther wrote: On Fri, Sep 12, 2008 at 2:05 PM, johan beisser [EMAIL PROTECTED] wrote: This about security. Being realistic means *not* being optimistic that extracting data will be too hard, too unlikely,

Re: Patching a SSH 'Weakness'

On Sep 12, 2008, at 4:08 PM, Damien Miller wrote: There is no reason to believe that keystroke timing attacks will be impossible against protocol 2 where they work against protocol 1. They might just be a little more tricky. I don't think I discounted an updated version of this attack against

Re: Patching a SSH 'Weakness'

On Fri, Sep 12, 2008 at 05:42:08PM -0700, johan beisser wrote: It's just a improbable attack. One that's easily defended against by maintaining the interactive shell/echoback and simply push additional Was it you who said earlier that you weren't a cryptanalyst? Well, neither am I, but I have

Re: Patching a SSH 'Weakness'

On Sep 12, 2008, at 6:41 PM, Darrin Chandler wrote: On Fri, Sep 12, 2008 at 05:42:08PM -0700, johan beisser wrote: It's just a improbable attack. One that's easily defended against by maintaining the interactive shell/echoback and simply push additional Was it you who said earlier that you

Re: Patching a SSH 'Weakness'

On Fri, Sep 12, 2008 at 07:46:59PM -0700, johan beisser wrote: On Sep 12, 2008, at 6:41 PM, Darrin Chandler wrote: Was it you who said earlier that you weren't a cryptanalyst? Well, neither am I, but I have come away with one lesson from them: be on the attack. You are on the defense, and

Re: Patching a SSH 'Weakness'

On Wed, 10 Sep 2008, STeve Andre' wrote: On Wednesday 10 September 2008 15:58:03 Kevin Neff wrote: Hi, Some secure protocols like SSH send encrypted keystrokes as they're typed. By doing timing analysis you can figure out which keys the user probably typed (keys that are physically

Patching a SSH 'Weakness'

Just off the top of my head (I have to check the SSH protocol yet): Why not encipher all accumulated keystrokes up to the Enter key as a block send them instead of sending each keystroke as it is typed? This shrouds the typist's characteristics. In addition, if the cipher is a block cipher,

Re: Patching a SSH 'Weakness'

I'd like to see what I'm typing, as I'm typing it, in my interactive SSH session. Andreas 2008/9/11 [EMAIL PROTECTED]: Just off the top of my head (I have to check the SSH protocol yet): Why not encipher all accumulated keystrokes up to the Enter key as a block send them instead of sending

Re: Patching a SSH 'Weakness'

11 September 2008 G. 12:00:18 [EMAIL PROTECTED] wrote: Just off the top of my head (I have to check the SSH protocol yet): Why not encipher all accumulated keystrokes up to the Enter key as a block send them instead of sending each keystroke as it is typed? This shrouds the typist's

Re: Patching a SSH 'Weakness'

On Thu, Sep 11, 2008 at 10:06:27AM +0900, Hari wrote: | On Thu, Sep 11, 2008 at 4:58 AM, Kevin Neff [EMAIL PROTECTED] wrote: | Hi, | | Some secure protocols like SSH send encrypted keystrokes | as they're typed. By doing timing analysis you can figure | out which keys the user probably typed

Re: Patching a SSH 'Weakness'

On Thu, Sep 11, 2008 at 10:42 AM, Andreas Kahari [EMAIL PROTECTED]wrote: I'd like to see what I'm typing, as I'm typing it, in my interactive SSH session. Use local echo instead of remote echo then? Reduces chattiness on the link too.

Re: Patching a SSH 'Weakness'

On Thursday 11 September 2008 02:28:58 Damien Miller wrote: On Wed, 10 Sep 2008, STeve Andre' wrote: On Wednesday 10 September 2008 15:58:03 Kevin Neff wrote: Hi, Some secure protocols like SSH send encrypted keystrokes as they're typed. By doing timing analysis you can figure

Re: Patching a SSH 'Weakness'

STeve Andre' escreveu: This is nearly complete bullshit. For any individual, learning their characteristics could give rise to being able to know a great deal about what they are doing, but hardly for the general case. I know people who type blindingly fast. I'm a mutant hunt 'n pecker,

Re: Patching a SSH 'Weakness'

Also, tab-completion won't work, top won't work, control characters won't work, vim won't work, etc etc... -HKS On Thu, Sep 11, 2008 at 4:00 AM, [EMAIL PROTECTED] wrote: Just off the top of my head (I have to check the SSH protocol yet): Why not encipher all accumulated keystrokes up to the

Re: Patching a SSH 'Weakness'

On Thu, Sep 11, 2008 at 11:49:39AM -0400, (private) HKS wrote: | Also, tab-completion won't work, top won't work, control characters | won't work, vim won't work, etc etc... I'm glad someone brought up this point.

Patching a SSH 'Weakness'

Hi, Some secure protocols like SSH send encrypted keystrokes as they're typed. By doing timing analysis you can figure out which keys the user probably typed (keys that are physically close together on a keyboard can be typed faster). A careful analysis can reveal the length of passwords and

Re: Patching a SSH 'Weakness'

On Wed, 10 Sep 2008, Kevin Neff wrote: Hi, Some secure protocols like SSH send encrypted keystrokes as they're typed. By doing timing analysis you can figure out which keys the user probably typed (keys that are physically close together on a keyboard can be typed faster). A careful

Re: Patching a SSH 'Weakness'

On Thu, Sep 11, 2008 at 4:58 AM, Kevin Neff [EMAIL PROTECTED] wrote: Hi, Some secure protocols like SSH send encrypted keystrokes as they're typed. By doing timing analysis you can figure out which keys the user probably typed (keys that are physically close together on a keyboard can be

Re: Patching a SSH 'Weakness'

Just wait until you see me type! On Thu, Sep 11, 2008 at 10:06:27AM +0900, Hari wrote: On Thu, Sep 11, 2008 at 4:58 AM, Kevin Neff [EMAIL PROTECTED] wrote: Hi, Some secure protocols like SSH send encrypted keystrokes as they're typed. By doing timing analysis you can figure out which

Re: Patching a SSH 'Weakness'

On Thu, Sep 11, 2008 at 10:06:27AM +0900, Hari wrote: On Thu, Sep 11, 2008 at 4:58 AM, Kevin Neff [EMAIL PROTECTED] wrote: Hi, Some secure protocols like SSH send encrypted keystrokes as they're typed. By doing timing analysis you can figure out which keys the user probably typed (keys

Re: Patching a SSH 'Weakness'

On Wednesday 10 September 2008 15:58:03 Kevin Neff wrote: Hi, Some secure protocols like SSH send encrypted keystrokes as they're typed. By doing timing analysis you can figure out which keys the user probably typed (keys that are physically close together on a keyboard can be typed

Re: Patching a SSH 'Weakness'

On Wed, Sep 10, 2008 at 7:56 PM, STeve Andre' [EMAIL PROTECTED] wrote: How about people with severe physical problems? I know a C4 quadriplegic who types slowly, very slowly. Depending on how he feels, his speed varies by probably a factor of 4 or so. if I was trying to gank a

Re: Patching a SSH 'Weakness'

Hell you say. I wear glasses and have been punched. Hard. In the face. Good to know I'll be immune from you. On 9/10/08, Aaron Glenn [EMAIL PROTECTED] wrote: On Wed, Sep 10, 2008 at 7:56 PM, STeve Andre' [EMAIL PROTECTED] wrote: How about people with severe physical problems? I know a C4