similar to: Packet Timing and Data Leaks

On Thu, 3 Aug 2023, Chris Rapier wrote: > Howdy all, > > So, one night over beers I was telling a friend how you could use the timing > between key presses on a type writer to extract information. Basically, you > make some assumptions about the person typing (touch typing at so many words > per second and then fuzzing the parameters until words come out). > > The I

On Thu, Aug 3, 2023 at 2:35?PM Chris Rapier <rapier at psc.edu> wrote: > > Howdy all, > > So, one night over beers I was telling a friend how you could use the > timing between key presses on a type writer to extract information. > Basically, you make some assumptions about the person typing (touch > typing at so many words per second and then fuzzing the parameters

Damien Miller wrote: > On Thu, 3 Aug 2023, Chris Rapier wrote: > >> Howdy all, >> >> So, one night over beers I was telling a friend how you could use the timing >> between key presses on a type writer to extract information. Basically, you >> make some assumptions about the person typing (touch typing at so many words >> per second and then fuzzing the

On Mon, 7 Aug 2023, Chris Rapier wrote: > > The broader issue of hiding all potential keystroke timing is not yet fixed. > > Could some level of obfuscation come from enabling Nagle for interactive > sessions that has an associated TTY? Though that would be of limited > usefulness in low RTT environments. I don't like the idea of having a steady > drip of packets as that

On 8/28/13 4:37 PM, Nick Lewycky wrote: > On 26 August 2013 11:39, Stephen Crane <sjcrane at uci.edu > <mailto:sjcrane at uci.edu>> wrote: > > Greetings LLVM Devs! > > I am a PhD student in the Secure Systems and Software Lab at UC > Irvine. We have been working on adding randomness into code generation > to create a diverse population of

Using stock OpenSSH 4.7 I found different behavior when trying to specify the use of the 'none' cipher depending on the command line option nomenclature. This is under linux 2.6.19-web100 using -ocipher=none [root at delta openssh-4.7p1-hpnv19]# /home/rapier/ssh47/bin/scp -S /home/rapier/ssh47/bin/ssh -ocipher=none -P 2222 ~rapier/2gb rapier at localhost:/dev/null rapier at

I don't know if anyone would be interested in this but I'm including a patch to allow for offsets when transferring files with SCP. It's pretty simple and assumes the user knows what they are doing (for example, if transferring with a wild card the offset would apply to all files). -A is the number of bytes offset from the beginning of the files. -Z is the number of bytes inset

Hey all, So I do some development based on openssh and I'm trying to think of some new projects that might extend the functionality, feature set, user workflow, performance, etc of ssh. So open ended question: Do any of you have a wish list of things you'd like to see in ssh? Mostly I'm just curious to see what the larger community is thinking of rather than being driven

Hi, Jean-Marc Valin wrote: > Well, you could change the order in the encoder as long as you reverse > it in the decoder as well. Ok, I see that in the split_cb_shape_sign_unquant function, that each coefficient is tied to it's position in the nb_subvect exc coefficients. Honestly, I have problems understanding what exactly the codebook search works like. If you have the time to to

On my test systems: Ubuntu 22.04 with GCC 11.4 and OpenSSL 3.0.2 on AMD: PASS Fedora 39 with GCC 12.3.1 and OpenSSL 3.0.9 on Intel: PASS OS X 14.3.1 with clang 15.0.0 on Apple M2 (--without-openssl): FAIL The failure is with "make tests" specifically when it runs /Users/rapier/openssh-portable/ssh-keygen -if /Users/rapier/openssh-portable/regress/rsa_ssh2.prv | diff -

That's true for block ciphers, but ChaCha20+poly1305 is a stream cipher. On Wed, 29 Mar 2023, Robinson, Herbie wrote: > > I?m hardly an expert on this, but if I remember correctly, the rekey rate > for good security is mostly dependent on the cipher block size.? I left my > reference books at home; so, I can?t come up with a reference for you, but I > would take Chris?

> On 30 Sep 2020, at 21:42, Jason Keltz via samba <samba at lists.samba.org> wrote: > > > On 9/30/2020 3:01 PM, Remy Zandwijk via samba wrote: >>>>> On the client, add: >>>>> >>>>> gensec_gssapi:requested_life_time = <int> # seconds >>>>> >>>>> to smb4.conf. E.g. a ticket life time of one hour:

Hello kind developers, I am planning on creating a steganographic extension for speex/CELP. Since speex/CELP is lossy, there should be quite many bits that one can use for hiding data. I'm familiar with the principles of CELP (two filter loops, one for pitch, the other for formants, let the raw speech frame run through those filter loops, take residue signal, map it on a codebook entry,

Good morning, What is the general consensus about using LLVM 2.9 vs tip of tree for developing new backends? Is LLVM 2.9 still recent enough to make forward porting easy once 3.0 comes out? Is tip of tree considered stable enough for non-core development? My reason for asking is that a fellow grad student and I are about to start implementing a new backend for RISK-V - a research

On 11/11/2020 10:54, Jason Keltz via samba wrote: > Hi Louis, > I've looked into that and I'm not sure how this would be done? > By the way, even with your NFS translation fix (which doesn't work for me because gssproxy), do you do this before accessing root files..? > sudo root > kinit -k 'host$' > OK, after a bit of a battle, I now have a Centos 7 Unix

Using OpenSSH_8.3p1 I had an open (working) connection to some other box; after a bit of inactivity, some device in the middle seems to have forgotten about the TCP connection (NAT) and broke it. I've got an EscapeChar defined, though; so first I tried to send a BREAK and, when that didn't help (TCP already gone, packets get lost!), I tried (just out of curiosity) a Rekey. Now I can see

On Thu, 7 Nov 2024 at 07:55, Chris Rapier <rapier at psc.edu> wrote: >[...]I had been using > Blake2b512 for the hashing algorithm but I want to put in a path to use > xxhash instead. Maintaining backward compatibility means I need to know > something about the remote. In the case of sftp at least, that sounds like a function of the sftp-server not sshd, in which case could you

On Fri, 8 Nov 2024 at 03:16, Darren Tucker <dtucker at dtucker.net> wrote: > > On Thu, 7 Nov 2024 at 07:55, Chris Rapier <rapier at psc.edu> wrote: > >[...]I had been using > > Blake2b512 for the hashing algorithm but I want to put in a path to use > > xxhash instead. Maintaining backward compatibility means I need to know > > something about the remote.

I am newbie to OpenSSH and have a question on providing password during a client log in session. I am using OpenSSH for Windows(XP) version 3.81p1. Is this the latest version for windows? >From the archive list I gather that OpenSSH will not provide a password option while invoking ssh commands, is this true? or will this be included in the future releases? I read something about using

I know that there are some methods to use federated identities (e.g. OAuth2) with SSH authentication but, from what I've seen, they largely seem clunky and require users to interact with web browsers to get one time tokens. Which is sort of acceptable for occasional logins but doesn't work with automated/scripted actions. I'm just wondering if anyone has done any work on this or