OpenSSH chink bares encrypted data packets

[InfoSec News <alerts () infosecnews org>]

http://www.theregister.co.uk/2009/05/19/open_ssh_hack/

By Dan Goodin
The Register
19th May 2009 

Cryptographers are urging users of a widely employed network protocol to 
make sure they're running the latest version after discovering a flaw 
that could allow attackers to read data that's supposed to remain 
encrypted.

All programs that incorporate the OpenSSH implementation of SSH, short 
for Secure Shell, should make sure they use version 5.2, which provides 
several countermeasures to prevent the attacks. Other SSH 
implementations may be vulnerable as well, the researchers from the 
Information Security Group at the University of London's Royal Holloway 
said.

The attack exploits subtle differences in the way SSH software reacts 
when encountering errors during cryptographic processing. By directing 
specially manipulated packets at the application, an attacker has a one 
in 262,144 chance of recovering 32 bits of plaintext from an arbitrary 
chunk of ciphertext.

While those are extremely limited odds, the design flaw still poses a 
significant threat given the way many applications that employ SSH work. 
VPNs, or virtual private networks, for example, repeatedly reconnect to 
a server extremely rapidly each time they are disconnected. With some 
programs reconnecting several times per second, a determined attacker 
might find ample opportunity to succeed.

[...]


--
LayerOne 2009, Information Security for the discerning professional. 
May 23-24 2009 @ The Anaheim Marriott in Anaheim, California 
Visit http://layerone.info for more information