Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 515
Alerts This Week
Warning Icon 1 515

SSH Vulnerabilities Put User Data At Risk Of Traffic Analysis Attacks

General Esm H446
Cryptographic researchers have identified flaws in Secure Shell (SSH) which might allow hackers to obtain information about a user's password or traffic being sent using the secure protocol. SSH has two weaknesses which might be exploited by traffic analysis that looked . . . Cryptographic researchers have identified flaws in Secure Shell (SSH) which might allow hackers to obtain information about a user's password or traffic being sent using the secure protocol. SSH has two weaknesses which might be exploited by traffic analysis that looked at the timing of keystrokes, according to a paper published by University of California, Berkeley researchers on the subject.

Firstly, if a block cipher is used, transmitted packets are packed with only an eight-bit boundary, which reveals the approximate size of original data. The second issue is that while in interactive mode every keystroke a user types is sent in a separate IP packet after a key is pressed, which gives information on a user's typing.

The link for this article located at TheRegister is no longer available.