Murakami has great characters, and Wallace is a hoot! Not to mention their writing is more-or-less Nobel caliber.
> One question, though: how do you determine which packets in the session are part of a password? And if you can't do that, how do you decide which timing information is to be used in breaking a password?
This is quite easy in fact! You just look for packets that are not echoed back. In a normal session, you see every packet from client to server is followed almost immediately by a packet from server to client containing some data. When entering a password, the echo is turned off, so the server only sends acks back to the client.
I would like to add to my original post that all the opinions are mine, although all the credit is due to the paper's authors.
Also, some people mentioned Nagle's algorithm. This will certainly degrade the quality of information the attacker can glean, but it isn't a perfect solution. Since Nagle's algorithm bunches keystrokes based on the latency between them, the attacker still gains information about the latency between those keystrokes merely by observing that they were batched together!
Best,
Rob
There seems to be some confusion as to the nature of this attack on ssh. Some facts may be enlightening:
I am not one of the authors. Everything I write here is the result of informative discussions with Dawn Song, one of the authors on the ssh paper.
All ssh implementations send your password in one packet (when using password authentication). However, if you ssh from A to B, and then from B to C, the fact that your password is sent from B to C in one packet isn't helping you a whole lot, since it was sent one character at a time from A to B. Using RSA authentication doesn't help, since you have to enter a password to access the key stored on B. This password will be sent one character at a time from A to B. This multihop ssh-ing is a common practice, so this is a serious threat.
Somebody else claimed that it was only effective against passwords which were susceptible to a dictionary attack. This is a nonsensical statement. The best way to describe what the attack does is in terms of bits of information gained, but I'll simply say that, with this attack, you usually only have to search about 1% of the possible passwords to find the right one.
Others have suggested using one finger to type, or using a Dvorak keyboard, or deliberately typing in a random fashion. Using one finger or typing randomly will work. However, a Dvorak keyboard would only change the keyboard model. The attacker could still perform the same attack, but using that model instead of the QWERTY one.
As for remedies, inserting random jitter in ssh is not effective. By watching several logins, an attacker could average out the jitter to get the real timings. Changing ssh to send packets at regular intervals, or using line mode, will eliminate all timing information.
Although this attack was presented in terms of gathering passwords, it's also effective (perhaps even more effective) for recovering English text. In fact, the information recovered is about 1.2 bits/keypair, and English only has about 1.2 bits/letter of entropy. So in essence, because of this attack, YOU SHOULD CONSIDER SSH TO BE EFFECTIVELY EQUIVALENT TO NO ENCRYPTION AT ALL. You should not make light of this attack unless you would be willing to use telnet.
Somebody also said that this was extreme paranoia because one could just park a tempest van outside your window to get the text you type. But tempest vans are expensive and hard to operate. Breaking into routers is easy. This attack could easily be scripted, but I know of no tempest-van scripts in wide use. So the threat here is tremendous.
The best solution is to randomize your typing until ssh is modified to send packets at regular intervals.
Best,
Rob
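An added illustration (not from the post above or from the paper it discusses) of the two remedies it compares: random jitter, whose effect shrinks as more logins are averaged, and fixed-interval sending, whose wire timing does not depend on typing at all. The keystroke gaps, the 80 ms jitter bound, the 50 ms tick, the function names and the assumption that padding packets are indistinguishable from keystroke packets are all constructed for this example.

```python
import itertools
import random
import statistics

# Constructed sample: gaps (ms) between successive keystrokes of one typed secret.
TRUE_GAPS_MS = [95, 180, 120, 240, 105]

def send_times_jitter(gaps, rng, max_jitter_ms=80):
    """Mitigation A: delay every keystroke packet by independent random jitter."""
    key_times = itertools.accumulate([0] + list(gaps))
    return [t + rng.uniform(0, max_jitter_ms) for t in key_times]

def send_times_fixed(gaps, period_ms=50, window_ms=2000):
    """Mitigation B: one packet per tick for a fixed window, typed or not.

    Assumes padding and keystroke packets look identical on the wire.
    """
    key_times = list(itertools.accumulate([0] + list(gaps)))
    wire, pending = [], 0
    for tick in range(0, window_ms, period_ms):
        if pending < len(key_times) and key_times[pending] <= tick:
            pending += 1          # this tick carries a queued keystroke
        wire.append(tick)         # otherwise it carries padding
    if pending != len(key_times):
        raise ValueError("window too short to deliver every keystroke")
    return wire

def averaged_gaps(observations):
    """Per-position mean of inter-packet gaps over several observed logins."""
    per_login = [[b - a for a, b in zip(o, o[1:])] for o in observations]
    return [statistics.fmean(col) for col in zip(*per_login)]

def jitter_residual(n_logins, seed=1):
    """Worst-case error (ms) left after averaging n jittered logins."""
    rng = random.Random(seed)
    obs = [send_times_jitter(TRUE_GAPS_MS, rng) for _ in range(n_logins)]
    est = averaged_gaps(obs)
    return max(abs(e - t) for e, t in zip(est, TRUE_GAPS_MS))

if __name__ == "__main__":
    for n in (1, 10, 400):
        print(f"jitter, {n:3d} logins averaged: residual {jitter_residual(n):5.1f} ms")
    other_typist = [300, 90, 400, 110, 95]   # constructed, different rhythm
    same = send_times_fixed(TRUE_GAPS_MS) == send_times_fixed(other_typist)
    print("fixed-interval wire timing identical for both rhythms:", same)
```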
I would love to use gnucash for analyzing my investments, but the built-in reports don't provide the right sort of information for this task. So, for the moment, I use Xinvest (I know, I know...). What plans do you have, if any, for supporting stock analysis?
Best,
Rob
I'm a graduate math GSI at Berkeley, and have even participated in a fellow grad student's survey in an attempt to understand why teachers do various things (e.g. why did you ask for the answer from the class instead of just telling them?)
So here's my take on your questions:
Of all the subjects which is the most important for the development of the student? That is, which subject gives the most skills to the student beyond the actual information taught?
These are two different questions. As one of my professors noted, most people only use basic computation in their daily lives, so that is the most important topic. The most transcendent topic is, of course, the problem solving skills students derive from doing their homework. They (hopefully) learn to attack problems in all areas of life. Some of the things they learn are incredibly basic: What are the preconditions? What do I want? What tools do I have at my disposal? How can I break this into a sequence of simpler problems?
What is the goal of teaching Math to children? Is it to give them skills to manipulate numbers or does it accomplish something else (or maybe both)?
Yes. Everyone needs to be able to manipulate numbers in the grocery store. This is all that is taught until about ninth grade, when most people take geometry. Geometry introduces the concept of a proof, which is at the core of all abstract thought. Most students do not ever understand proofs, but only those who do can pursue any sort of advanced career. For example, programmers write proofs in their heads all the time, such as, "This function will not dereference a null pointer because such-and-such."
People often say that math teaches abstract reasoning. Is this so, how and why? Could there be a better way to accomplish this?
As mentioned above, by teaching proofs, math teaches abstract reasoning. A better way to teach it would be to emphasize proofs in other classes, such as chemistry, biology and physics.
With the development of small computers and calculators do you see the role of math education declining? Why or why not? Why are children often forced to memorize multiplication tables and do long division?
No. Suppose I ask you to prove Fermat's Little Theorem, and you are allowed to use all the theorems from a basic course in abstract algebra (I even hand you a book on the subject). The problem is, most likely, still intractable to you. However, if you had memorized the theorems from the course, you would quickly reply that FLT is a mere corollary of one of those facts. So it is with any tool. Calculators are cumbersome, slow computational tools and if all students become dependent on them, then problems which should be easy will become burdensome. Even bright students would have to do stupid things like stop in the middle of a large problem and use a calculator to determine if 11/5 is bigger than 2, slowing them significantly. Furthermore, students would be unable to do rough approximations in their head to get an idea of what the answer should be.
Why is it that students who have some deficiency in math are stigmatized as "not so bright" more often than children who fail to do well in other subjects? Conversely, why are children who excel at math considered gifted (more so than other subjects)?
I'm not sure this is even the case, since the gifted math and English classes at my h.s. consisted of mostly the same students. The students who were good at math were good at other stuff, and the good writers and artists were competent enough to be in the advanced math classes, too. There is, perhaps, a societal belief that math is the closest one can get to pure thought (I agree with this view), and hence good mathematicians are good thinkers.