search for: use_steno_timing_manipul

Displaying 3 results from an estimated 3 matches for "use_steno_timing_manipul".

2001 Nov 09
4
keystroke timing attack
I'm reading this fine article on O'Reilly: http://linux.oreillynet.com/lpt/a//linux/2001/11/08/ssh_keystroke.html <quote> The paper concludes that the keystroke timing data observable from today's SSH implementations reveals a dangerously significant amount of information about user terminal sessions--enough to locate typed passwords in the session data stream and reduce the
2001 Oct 16
1
Defeating Timing Attacks Patch for OpenSSH 2.9.9p2 and 2.9p2
...ARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES @@ -1590,9 +1616,12 @@ /* If there is data to send to the connection, enqueue some of it now. */ - +/* + * SD Mod: add arguments bogus_send_count and use_steno_timing_manipulation + * to channel_output_poll. +*/ void -channel_output_poll() +channel_output_poll(int *bogus_send_count, int use_steno_timing_manipulation) { int len, i; Channel *c; @@ -1649,11 +1678,49 @@ SSH2_MSG_CHANNEL_DATA : SSH_MSG_CHANNEL_DATA);...
2001 Oct 06
1
Defeating Timing Attacks
Hello, In response to the timing analysis attacks presented by Dawn Song et. al. in her paper http://paris.cs.berkeley.edu/~dawnsong/ssh-timing.html we at Silicon Defense developed a patch for openssh to avoid such measures. Timing Analysis Evasion changes were developed by C. Jason Coit and Roel Jonkman of Silicon Defense. These changes cause SSH to send packets unless request not to,