[Cryptech Tech] goals / use cases
Warren Kumari
warren at kumari.net
Wed Jan 28 17:53:00 UTC 2015
On Wed, Jan 28, 2015 at 12:40 PM, Bernd Paysan <bernd at net2o.de> wrote:
> Am Mittwoch, 28. Januar 2015, 16:30:33 schrieb Fredrik Thulin:
>> This exfiltration was said to be observable by even a passive attacker
>> sniffing an SSH session. Ouch.
>
> AFAIK that was observing people typing in a password, and there, the timing
> interval correlates with the keys. And SSH does not have an "accumulate all
> keystrokes for a password" mode.
For a document that will really cook yer noodle (and make you dispair
about side-channels):
"Phonotactic Reconstruction of Encrypted VoIP Conversations: Hookt on
fon-iks" - http://www.cs.unc.edu/~fabian/papers/foniks-oak11.pdf
... and now I'm off to go live in a shack in the woods...
W
>
> --
> Bernd Paysan
> "If you want it done right, you have to do it yourself"
> http://bernd-paysan.de/
> net2o ID: kQusJzA;7*?t=uy at X}1GWr!+0qqp_Cn176t4(dQ*
>
> _______________________________________________
> Tech mailing list
> Tech at cryptech.is
> https://lists.cryptech.is/listinfo/tech
--
I don't think the execution is relevant when it was obviously a bad
idea in the first place.
This is like putting rabid weasels in your pants, and later expressing
regret at having chosen those particular rabid weasels and that pair
of pants.
---maf
More information about the Tech
mailing list