Crypto boffins question SSH security

    Date23 Aug 2001
    CategoryCryptography
    3169
    Posted ByAnthony Pell
    Cryptographic researchers have identified flaws in Secure Shell (SSH) which might allow hackers to obtain information about a user's password or traffic being sent using the secure protocol. SSH has two weaknesses which might be exploited by traffic analysis that looked . . . Cryptographic researchers have identified flaws in Secure Shell (SSH) which might allow hackers to obtain information about a user's password or traffic being sent using the secure protocol. SSH has two weaknesses which might be exploited by traffic analysis that looked at the timing of keystrokes, according to a paper published by University of California, Berkeley researchers on the subject.

    Firstly, if a block cipher is used, transmitted packets are packed with only an eight-bit boundary, which reveals the approximate size of original data. The second issue is that while in interactive mode every keystroke a user types is sent in a separate IP packet after a key is pressed, which gives information on a user's typing.

    You are not authorised to post comments.

    LinuxSecurity Poll

    Do you reuse passwords across multiple accounts?

    No answer selected. Please try again.
    Please select either existing option or enter your own, however not both.
    Please select minimum 0 answer(s) and maximum 2 answer(s).
    /component/communitypolls/?task=poll.vote
    13
    radio
    [{"id":"55","title":"Yes","votes":"4","type":"x","order":"1","pct":44.44,"resources":[]},{"id":"56","title":"No","votes":"5","type":"x","order":"2","pct":55.56,"resources":[]}]["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"]["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"]350
    bottom200

    We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy.