On Fri, Apr 19, 2002 at 05:28:10AM +0400, Solar Designer wrote:
> On Thu, Apr 18, 2002 at 09:45:53AM -0500, Mauro Lacy wrote:
> > REMOTE TIMING TECHNIQUES
>
> It's good to see this kind of weaknesses to start being publicized. I
> know there's another similar paper to be published soon.
>
> We've been discussing the possibility to apply a variation of Kocher's
> attack against SSH clients w/ RSA/DSA authentication (where a malicious
> server would obtain the client's private key and be able to use that
> against another server) with Markus and Niels of OpenSSH just recently.
>
> I don't see how a client -> server attack against SSH would be possible
> (other than on usernames and such).
>
> The leak of usernames is of course the most obvious example, pretty much
> every service is affected. Of course we avoid leaks like that in our
> code (popa3d, pam_tcb on Owl), but we haven't fixed our system libraries
> (such as glibc's NSS modules) yet and those are used by all services.

Probably speaking of http://stealth.7350.org/epta.tgz which describes
timing weaknesses in UNIX daemons+libs. ;-)
It also contains some source code which demonstrates that these attacks
are possible. Maybe one is able to join all the stuff ;-)

regards,
S.
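The username leak mentioned in the thread, as an added example that is not part of the original message and is not code from popa3d, pam_tcb or the epta archive: a login check that skips hashing for unknown users beside one that does the same work for every name. The account names, passwords, work factor and function names are constructed for illustration, and the work is measured by counting hash operations rather than wall-clock time so the result is deterministic.

```python
import hashlib
import hmac
import os

ITERATIONS = 20_000   # constructed work factor, kept small for the demo
kdf_calls = 0         # counts expensive hash operations per login attempt

def kdf(password: str, salt: bytes) -> bytes:
    global kdf_calls
    kdf_calls += 1
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)

def make_entry(password: str):
    salt = os.urandom(16)
    return salt, kdf(password, salt)

# Constructed account database (hypothetical users).
USERS = {"alice": make_entry("correct horse"), "bob": make_entry("hunter2")}

# Placeholder entry hashed for unknown names; its random password is discarded.
DUMMY = make_entry(os.urandom(16).hex())

def login_leaky(user: str, password: str) -> bool:
    """Returns early for unknown users, so they are answered faster."""
    entry = USERS.get(user)
    if entry is None:
        return False          # no hash computed: measurable timing difference
    salt, stored = entry
    return hmac.compare_digest(kdf(password, salt), stored)

def login_uniform(user: str, password: str) -> bool:
    """Does the same hashing work whether or not the user exists."""
    entry = USERS.get(user)
    salt, stored = entry if entry is not None else DUMMY
    match = hmac.compare_digest(kdf(password, salt), stored)
    return match and entry is not None

def work_done(login, user: str, password: str):
    """Return (result, number of KDF calls) for one login attempt."""
    global kdf_calls
    kdf_calls = 0
    result = login(user, password)
    return result, kdf_calls

if __name__ == "__main__":
    for fn in (login_leaky, login_uniform):
        for user in ("alice", "nobody"):
            print(fn.__name__, user, work_done(fn, user, "wrong"))
```

The same equalisation has to hold in every layer a login touches; a uniform check in the service does not help if the account lookup underneath it takes a different path for unknown names.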
This archive was generated by hypermail 2b30 : Sat Apr 20 2002 - 11:41:11 PDT