[Security] keystroke and timing attacks against IM traffic?

Peter Saint-Andre stpeter at stpeter.im
Mon Aug 4 17:32:50 CDT 2008

During an IM session earlier today, Jonathan Schleifer mentioned to me 
that he thinks the work of Song, Wagner, and Tian on SSH might apply 
equally to instant messaging traffic:


For an opposing view see:


It seems to me quite possible that IM traffic is more susceptible to 
attacks of this kind than SSH is, especially given the existence of 
things like chat state notifications:



-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 7338 bytes
Desc: S/MIME Cryptographic Signature
Url : http://mail.jabber.org/pipermail/security/attachments/20080804/833a73a4/attachment.bin 

More information about the Security mailing list