Women in Technology

Hear us Roar



Article:
  Time and Tide Wait for No Protocol
Subject:   easy maybe
Date:   2002-01-05 11:35:18
From:   xinwenfu
For dawn Song's attack to SSH password, maybe a simple change to the SSH protocol can solve the problem.


Why sending the password letter one by one? Collect them together (we know when the user ends the password input) and then send it out in one packet. That is it.


Take it easy!

Main Topics Oldest First

Showing messages 1 through 1 of 1.

  • easy maybe
    2002-02-10 08:42:02  res [View]

    Read the article again -- I'm afraid you completely missed the point. SSH already does this; the timing attack is entirely unrelated.