Commit 5c326577 authored by Paul Fiterau Brostean

Processed more comments

parent cea2439c
......@@ -4,6 +4,9 @@ auth -> chan[color=green style=bold label="CH_OPEN/
CH_OPEN_SUCCESS"]
chan -> pty[color=green style=bold label="CH_REQUEST_PTY/
CH_SUCCESS"]
pty -> pty[color=green style=bold label="CH_SEND_DATA...
"]
pty -> auth[color=green style=bold label="CH_CLOSE/
CH_CLOSE_SUCCESS"]
}
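Review bot: The label on the pty -> pty self-loop, "CH_SEND_DATA...", does not follow the input/output convention of the other edges in this graph (for example "CH_OPEN/ CH_OPEN_SUCCESS"): it has no slash and no output, and the closing quote sits alone on the next line, so the label ends in an empty line. Suggest naming the expected output after a slash, and if the ellipsis stands for further data-phase messages, listing them or explaining the ellipsis in the figure caption.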
......@@ -30,9 +30,9 @@ state of the {\dsut} is one where a TCP connection has already been established
The alphabet we use consists of inputs, which correspond to messages
sent to the server, and outputs, which correspond to messages received
from the server. We split the input alphabet into three parts, one
for rach of the protocol layers.
\marginpar{\tiny Erik: the output alphabet is not discussed anywhere,
but for the discussion of the mapper in the next section it should be}
for each of the protocol layers.
%\marginpar{\tiny Erik: the output alphabet is not discussed anywhere,
%but for the discussion of the mapper in the next section it should be}
Learning does not scale with a growing alphabet, and since we are only
learning models of servers, we remove those inputs that are not
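Review bot: Commenting out Erik's \marginpar hides the remark without resolving it: the paragraph still only explains how the input alphabet is split, and the output alphabet gets a single clause ("messages received from the server") with no further discussion. Suggest adding a sentence on the output alphabet here, since the note says the mapper discussion in the next section depends on it, and then deleting the note rather than keeping it as a comment in the source.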
......@@ -210,19 +210,19 @@ There are a few sources of non-determinism in SSH:
\begin{enumerate}
\item Underspecification in the SSH specification (for example, by not
specifying the order of certain messages) allows some
non-deterministic behaviour. And even if client
non-deterministic behavior. And even if client
and server do implement a fixed order for messages they sent, the
asynchronous nature of communication means that the
interleaving of sent and received messages may vary. Moreover,
client and server are free to intersperse \textsc{debug} and
\textsc{ignore} messages at any given time\footnote{The \textsc{ignore}
messages are aimed to thwart traffic analysis.}
\item Timing is another source of non-deterministic behaviour. For
\item Timing is another source of non-deterministic behavior. For
example, the {\dmapper} might time-out before the {\dsut} had
sent its response.
In our experiments we tried to set time-out periods so that this
did not occur. However, other timing-related quirks can still
cause non-deterministism. For example, some {\dsuts} behave
cause non-determinism. For example, some {\dsuts} behave
unexpectedly when a new query is received too shortly after the
previous one.
%For example, a trace in which a valid user authentication is performed within five milliseconds after an authentication request on DropBear can cause the authentication to (wrongly) fail.
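Review bot: The spelling pass over this enumerate leaves other errors in the same items untouched. In the first \item, "messages they sent" should read "messages they send", and the sentence carrying the \textsc{ignore} footnote has no full stop after the closing brace; in the second \item, "too shortly after" reads better as "too soon after". These lines are already being edited, so the fixes fit in this commit.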
......@@ -55,9 +55,9 @@ Once a secure tunnel has been established, the client can authenticate. For this
\subsection{Connection layer}\label{ssh-run-conn}
Successful authentication makes services of the connection layer available. The connection layer enables the user to open and close channels of various types, with each type providing access to specific services. Of the various services available, we focus on the remote terminal over a session channel, a classical use of SSH. The happy flow consists of opening a session channel, \textsc{ch\_open}, requesting a ``pseudo terminal'' \textsc{ch\_request\_pty}, sending and managing data via the messages \textsc{ch\_send\_data}, \textsc{ch\_window\_adjust}, \textsc{ch\_send\_eof}, and eventually closing the channel via \textsc{ch\_close}, as depicted in Figure~\ref{fig:hf-conn}.
\marginpar{\tiny Erik: to match this text, the figure should include a cycle
for \textsc{ch\_send\_data}, \textsc{ch\_window\_adjust}, \textsc{ch\_send\_eof}??}
Successful authentication makes services of the connection layer available. The connection layer enables the user to open and close channels of various types, with each type providing access to specific services. Of the various services available, we focus on the remote terminal over a session channel, a classical use of SSH. The happy flow consists of opening a session channel, \textsc{ch\_open}, requesting a ``pseudo terminal'' \textsc{ch\_request\_pty}, optionally sending and managing data via the messages \textsc{ch\_send\_data}, \textsc{ch\_window\_adjust}, \textsc{ch\_send\_eof}, and eventually closing the channel via \textsc{ch\_close}, as depicted in Figure~\ref{fig:hf-conn}.
%\marginpar{\tiny Erik: to match this text, the figure should include a cycle
%for \textsc{ch\_send\_data}, \textsc{ch\_window\_adjust}, \textsc{ch\_send\_eof}??}
%Because the connection protocol offers a wide range of functionalities, we it is hard to define a single happy flow. Requesting a terminal is one of the main features of SSH and has therefore been selected as the happy flow. This behaviour is typically triggered by the trace \textsc{ch\_open}; \textsc{ch\_request\_pty}. Other
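Review bot: The reworded sentence lists \textsc{ch\_send\_data}, \textsc{ch\_window\_adjust} and \textsc{ch\_send\_eof} and ends with "as depicted in Figure~\ref{fig:hf-conn}", but the figure change in this same commit labels its pty self-loop only "CH_SEND_DATA...", so the other two messages are still not depicted by name and the commented-out note is only partly answered. Suggest either naming all three on the figure edge or saying in the text that the loop stands for the data-phase messages. The commented-out paragraph below also still has "behaviour" and "we it is hard", which the spelling pass elsewhere in this commit missed.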