SSH protects the world’s most sensitive networks. It just got a lot weaker

'Named Terrapin, the new hack works only when an attacker has an active adversary-in-the-middle position on the connection between the admins and the network they remotely connect to. Also known as a man-in-the-middle or MitM attack, this occurs when an attacker secretly positioned between two parties intercepts communications and assumes the identity of both the recipient and the sender. This provides the ability to both intercept and to alter communications. While this position can be difficult for an attacker to achieve, it’s one of the scenarios from which SSH was thought to have immunity. For Terrapin to be viable, the connection it interferes with also must be secured by either "ChaCha20-Poly1305" or "CBC with Encrypt-then-MAC," both of which are cipher modes added to the SSH protocol (in 2013 and 2012, respectively). A scan performed by the researchers found that 77 percent of SSH servers exposed to the Internet support at least one of the vulnerable encryption modes, while 57 percent of them list a vulnerable encryption mode as the preferred choice. At its core, Terrapin works by altering or corrupting information transmitted in the SSH data stream during the handshake—the earliest stage of a connection, when the two parties negotiate the encryption parameters they will use to establish a secure connection. The attack targets the BPP, short for Binary Packet Protocol, which is designed to ensure that adversaries with an active position can't add or drop messages exchanged during the handshake. Terrapin relies on prefix truncation, a class of attack that removes specific messages at the very beginning of a data stream.'

-- source: https://arstechnica.com/security/2023/12/hackers-can-break-ssh-channel-integ...

This SUSE knowledge base entry lists some configuration changes that one can apply (section "Additional Information"): https://www.suse.com/de-de/support/kb/doc/?id=000021295

Cheers, Peter

--
Peter Reutemann
Dept. of Computer Science
University of Waikato, Hamilton, NZ
Mobile +64 22 190 2375
https://www.cs.waikato.ac.nz/~fracpete/
http://www.data-mining.co.nz/

On Wed, 20 Dec 2023 13:19:09 +1300, Peter Reutemann wrote:
-- source: https://arstechnica.com/security/2023/12/hackers-can-break-ssh-channel-integ...
I found this part hilarious:

While the risk Terrapin poses varies, it invalidates proofs published in 2016 that concluded such attacks weren’t possible. The real lesson is that practical evaluations, like the one provided in Monday’s research, are crucial for revealing previously overlooked flaws in such proofs.

This reminds me of a quote from Donald Knuth, back in the day: “Beware of bugs in the above code; I have only proved it correct, not tried it.”

In computer programming, we rely primarily on testing to assure ourselves that our code is correct. In some reliability-critical applications, one may also find use of techniques to try to prove programs correct. These tend to take a lot more effort to apply, which is why they are not more widely used. Also I have always wondered about how you might find bugs in such proofs.

Conversely, mathematics is all about proving theorems correct. If there was a way to somehow test those theorems as well, it seems to me that would be useful for uncovering potential bugs in those proofs.
participants (2): Lawrence D'Oliveiro, Peter Reutemann
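
The article quoted at the top of this thread names two affected modes, ChaCha20-Poly1305 and CBC with Encrypt-then-MAC, and distinguishes servers that support one from servers that list one as the preferred choice. The following is an added example, not part of either post and not taken from the SUSE entry, that makes the same two checks on a server's own configuration. It assumes input in the expanded "keyword value" layout printed by `sshd -T`; the function names are hypothetical and "preferred" is approximated as "listed first".

```python
# Added example: checks an expanded sshd configuration for the two cipher modes
# the quoted article names. Function names here are hypothetical.
CHACHA = "chacha20-poly1305@openssh.com"

# Constructed sample in the "keyword value" layout printed by `sshd -T`.
SAMPLE = """\
port 22
ciphers chacha20-poly1305@openssh.com,aes128-ctr,aes256-gcm@openssh.com,aes128-cbc
macs umac-64-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-256
"""

def parse_algorithms(text):
    """Return cipher and MAC lists, in listed order, from `sshd -T` style text."""
    algos = {"ciphers": [], "macs": []}
    for line in text.splitlines():
        parts = line.split(None, 1)
        if len(parts) == 2 and parts[0].lower() in algos:
            algos[parts[0].lower()] = [a.strip() for a in parts[1].split(",") if a.strip()]
    return algos

def audit(text):
    """Report whether either affected mode is offered and whether one is listed first."""
    algos = parse_algorithms(text)
    ciphers, macs = algos["ciphers"], algos["macs"]
    cbc = [c for c in ciphers if "-cbc" in c]
    etm = [m for m in macs if "-etm@" in m]
    chacha_offered = CHACHA in ciphers
    # CBC only falls under "CBC with Encrypt-then-MAC" if an EtM MAC can be paired with it.
    cbc_etm_offered = bool(cbc and etm)
    first_cipher = ciphers[0] if ciphers else ""
    first_mac = macs[0] if macs else ""
    # Assumption: "preferred" is approximated as "first in the server's list".
    prefers_affected = first_cipher == CHACHA or (
        "-cbc" in first_cipher and "-etm@" in first_mac)
    return {
        "chacha_offered": chacha_offered,
        "cbc_etm_offered": cbc_etm_offered,
        "supports_affected": chacha_offered or cbc_etm_offered,
        "prefers_affected": prefers_affected,
        # Ciphers left if both ChaCha20-Poly1305 and all CBC ciphers were dropped.
        "remaining_ciphers": [c for c in ciphers if c != CHACHA and "-cbc" not in c],
    }

if __name__ == "__main__":
    for key, value in audit(SAMPLE).items():
        print(f"{key}: {value}")
```

An empty `remaining_ciphers` list means that removing the affected modes would leave nothing to negotiate, so check it before changing a server's cipher list.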