Extracting data
Posted on August 20, 2001 @ 12:08 in General
The ingenuity of cryptographic systems and the attacks waged against them keeps amazing me. This article describes a method, presented at the USENIX conference, for attacking the secure shell (SSH) protocol. Because SSH usually is an interactive (TELNET) session, it's possible to measure the time between the different keystrokes. A statistical analysis of the timing data, using a Hidden Markov Model and a key sequence prediction algorithm, allows the attacker to extract the actual keystrokes from the stream of encrypted data. For me, that's got a big wow factor ;-)
Comments and Trackbacks
No comments or trackbacks for this entry yet.
Post a comment
Comments and trackbacks have been closed on this site. My apologies.
Since MT-Blacklist inexplicably stopped working I had no other recourse than close comments and trackbacks to stop the spam. I've been meaning to correct this for quite a while, but life got in the way... in a good way I should add.