lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Date: Tue Dec  6 17:35:51 2005
From: jsmith1001 at post.com (John Smith)
Subject: Most common keystroke loggers?

I'm sure there are problems with this, but here's my idea of preventing
improper authentication. At best, I think the attacker would only be able
to DoS the device, or attempt replay - which would fail without the
correct time-delay. I think some kind of two-part blackbox auth with time
delay was what I was trying to get at :)


**   = an event
<--> = any traffic that crosses USB peripheral border, ie vulnerable data
[KP] = USB (for instance) input peripheral, with keycode entry pad
[RS] = Remote authentication site


 **[KP] is intialized upon deployment like a SecurId. It is synced with
the auth server based on time, and several static algorithms.


 **[RS] is on the same time as [KP]

 **[RS] knows [KP] time-delay algorithm, and control algorithm, assoc.
w/KPID.

 **

>Upon being plugged in, heres what would happen:


[KP] -- Remote auth SYN request, w/encrypted KPID sent --> [RS]


 **[RS] determines what time-delay algorithm [KP] is on by KPID. (KPID
encryption is static to all components - possible point of failure.)


[KP] <--------------------- ACK sent back ---------------- [RS]


[KP] <--- Traffic averages analysis between KP and RS ---> [RS]


 **[KP] flashes green light to user

 **[KP] <-- User enters Keycode ------- [USER]

 **[KP] calculates two hashes, based on separate date/time sequence
selected algorithms that are created using the current synced time, and a
unique control algorithm determined during intialization.


[KP] --------- transmits first hash sequence to ---------> [RS]


 **[KP] waits x cycles based on a unique time-delay algorithm [RS] knows
by KPID.


[KP] --- transmits second hash sequence to [RS] ---------> [RS]

 **[RS] uses earlier traffic analysis to determine an acceptable level of
tolerance for receipt time, and determines consistency with time-delay
algorithm for KPID.

 **[RS] authenticates data

[KP] <----- Close session, pass/fail errout to KP -------- [RS]

 **[KP] shuts down USB port, no further traffic until reset (several ways
to do that)

[Compromised PC] <------------- Session ------------------ [RS]

What do you think?

-- 
___________________________________________________
Play 100s of games for FREE! http://games.mail.com/

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20051206/bc7aa2d8/attachment-0001.html

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ