Slashdot Mirror

← Back to Stories (view on slashdot.org)

Flaw Made Public In OpenSSH Encryption

Posted by timothy on from the days-to-whom dept.

alimo20 writes "Researchers at the Royal Holloway, University of London have discovered a flaw in Version 4.7 of OpenSSH on Debian/GNU Linux. According to ISG lead professor Kenny Patterson, an attacker has a 2^{-18} (that is, one in 262,144) chance of success. Patterson tells that this is more significant than past discoveries because 'This is a design flaw in OpenSSH. The other vulnerabilities have been more about coding errors.' The vulnerability is possible by a man-in-the-middle intercepting blocks of encrypted material as it passes. The attacker then re-transmits the data back to the server and counts the number of bytes before the server to throws error messages and disconnects the attacker. Using this information, the attacker can work backwards to figure out the first 4 bytes of data before encryption. 'The attack relies on flaws in the RFC (Request for Comments) internet standards that define SSH, said Patterson. ... Patterson said that he did not believe this flaw had been exploited in the wild, and that to deduce a message of appreciable length could take days.'"

11 of 231 comments (clear)

  1. Good Thing by neoform · · Score: 5, Funny

    Whew. Glad I use Telnet.

    --
    MABASPLOOM!
    1. Re:Good Thing by timeOday · · Score: 5, Funny

      But telnet transmits your credentials unencrypted! To be super-secure I simply avoid transmitting them in the first place...

      root@host# nc -l -p 1999 -c bash

      user@otherhost: nc otherhost 1999
      whoami
      rm -fR /

      (PS don't actually do this)

  2. Re:Not much of a threat... by .sig · · Score: 3, Funny

    Anyone else remember when stone tablets were the usual target, and cave drawings considered "safe"?

    --
    -Space for rent
  3. Re:Old version = old news by Prof.Phreak · · Score: 4, Funny

    O_o

    $ ssh -V
    OpenSSH_3.9p1, OpenSSL 0.9.7a Feb 19 2003

    --

    "If anything can go wrong, it will." - Murphy

  4. Re:Design flaw by Culture20 · · Score: 4, Funny

    Why does this only effect Debian?

    Damnit, it's affect.

    Not if the openSSH flaw were causing Debian to exist. Then it would be effecting Debian.
    http://crofsblogs.typepad.com/english/2005/08/effect_as_a_ver.html

  5. Re:SSH standard by SoupGuru · · Score: 3, Funny

    Also, dude, chink is not the preferred nomenclature. Asian-American, please.

    --
    What doesn't kill you only delays the inevitable
  6. Re:OKay by swillden · · Score: 4, Funny

    The 2^-18 is _really_scary_

    The 'first 4 bytes', not so much.

    So, meh. Of course true hardcore cryptanalysts are sure to be already ditching OpenSSH or maybe piping it through GPG first.

    Fuck gubfr onfgneqf, ebg13 vf tbbq rabhtu sbe nalbar.

    Allow me to translate:

    $ echo "Fuck gubfr onfgneqf, ebg13 vf tbbq rabhtu sbe nalbar." | caesar
    Shpx those bastards, rot13 is good enough for anyone.

    --
    Note to ACs: I usually delete AC replies without reading them. If you want to talk to me, log in.
  7. Re:SSH standard by FMZ · · Score: 5, Funny

    Hmmm.... k. Seems there's an Asian-American in the armor of OpenSSH

  8. Re:Wait, what? by lgw · · Score: 3, Funny

    All those hippie OSs look the same. Take a bath, cut your hair, and use a secure OS like WIndows.

    --
    Socialism: a lie told by totalitarians and believed by fools.
  9. Re:Old version = old news by RazzleDazzle · · Score: 4, Funny

    More importantly: can you send me the output of "ifconfig" and "lynx -dump http://www.ipchicken.com/"

    --
    ZERO ZERO ONE ZERO ONE ZERO ONE ONE! Just brushing up for my next big invention: Ethernet over Voice (EoV)
  10. Re:Old version = old news by X0563511 · · Score: 4, Funny

    eix-sync && emerge -auDNtv world; sleep 1374261893645973165479613; echo "FINALLY!"

    --
    For large sets, this will be our guide even unto death, for the LORD will work for each type of data it is applied to...