[Security] keystroke and timing attacks against IM traffic?

Florian Zeitz florian.zeitz at gmx.de
Tue Aug 5 07:15:03 CDT 2008

Jonathan Schleifer wrote:
> Florian Zeitz <florian.zeitz at gmx.de> wrote:
>> If Jonathan has any other attacks in mind or found a way to apply this
>> technique to XMPP I'd really like to hear about it.
> I'm not saying I found an attack, but currently, an attacker would know
> how long the message is _AND_ how long it has been typed. I could
> imagine that this may make an attack easier.

I personally doubt this. While you learn the length of the message,
how long it has been typed is difficult to figure out:
cites difficulties due to network latency.
In the case of typing notifications there is additionally a delay until
a "not typing any longer" event is sent or an unknown pause before
someone presses Enter (s/he might reread his message, might just press
Enter immediately, might press Enter by accident in the middle of a
message, etc.).
And as stated before you can also delete characters while "typing".
All these factors make getting a valid value for how long the message has
been typed near impossible in real life IMHO.
