Penetration Testing mailing list archives

RE: How to decrypt a connection SSH v2?


From: "Gary E. Miller" <gem () rellim com>
Date: Thu, 10 Jul 2008 10:25:16 -0700 (PDT)


Yo Paul!

On Thu, 10 Jul 2008, Paul Melson wrote:

> > I assume if the attacker has the public and private keys from not just
> > one, but both ends, that PFS is not an obstacle.
>
> It's my understanding that even if you have both endpoints' public and
> private key pairs, that's not enough to recreate the ephemeral keys used
> during a particular session.  Without those keys, the packet capture cannot
> be decrypted.

Read the RFC and tell me that again:
        http://tools.ietf.org/html/rfc4253#section-8

        "The Diffie-Hellman (DH) key exchange provides a shared secret
        that cannot be determined by either party alone."
                                  ^^^^^^^^^^^^^^^^^^^^^^

The whole point of the key exchange is to use both sets of
public/private keys to generate this shared secret, and only those 4
keys.  If you possess those 4 keys then game over, you can decode the
shared key.

Looks to me that the RFC tells you all you need to know to recover
the shared secret.  If someone had some time on their hands
they could probably grab most of the needed code out of the openssh
code.

RGDS
GARY
---------------------------------------------------------------------------
Gary E. Miller Rellim 109 NW Wilmington Ave., Suite E, Bend, OR 97701
        gem () rellim com  Tel:+1(541)382-8588

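The exchange in RFC 4253 section 8, which the message above links to, sketched as an added example (not part of the original post and not OpenSSH's code): it shows which values feed the shared secret K and the exchange hash H. The version and KEXINIT strings and the host key blob are constructed placeholders, and the function names are this example's own.

```python
import hashlib
import secrets

# 1024-bit Oakley Group 2 prime (RFC 2409 section 6.2), g = 2: the group of
# diffie-hellman-group1-sha1 in RFC 4253 section 8.1 (deprecated today).
P = int(
    "FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD1"
    "29024E088A67CC74020BBEA63B139B22514A08798E3404DD"
    "EF9519B3CD3A431B302B0A6DF25F14374FE1356D6D51C245"
    "E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7ED"
    "EE386BFB5A899FA5AE9F24117C4B1FE649286651ECE65381"
    "FFFFFFFFFFFFFFFF", 16)
G = 2
Q = (P - 1) // 2  # order of the subgroup generated by g

def ephemeral():
    """Fresh per-session secret (x or y, 1 < x < q) and public value (e or f)."""
    secret = 2 + secrets.randbelow(Q - 2)
    return secret, pow(G, secret, P)

def shared_secret(peer_public, own_secret):
    """Client: K = f^x mod p. Server: K = e^y mod p."""
    if not 1 <= peer_public <= P - 1:  # RFC 4253: reject values outside [1, p-1]
        raise ValueError("peer DH value out of range")
    return pow(peer_public, own_secret, P)

def ssh_string(data):
    """RFC 4251 string: 4-byte big-endian length, then the bytes."""
    return len(data).to_bytes(4, "big") + data

def mpint(n):
    """RFC 4251 mpint for a positive integer (leading 0x00 if the top bit is set)."""
    return ssh_string(n.to_bytes(n.bit_length() // 8 + 1, "big"))

def exchange_hash(v_c, v_s, i_c, i_s, k_s, e, f, k):
    """H = SHA-1(V_C || V_S || I_C || I_S || K_S || e || f || K)."""
    fields = b"".join(ssh_string(s) for s in (v_c, v_s, i_c, i_s, k_s))
    return hashlib.sha1(fields + mpint(e) + mpint(f) + mpint(k)).digest()

def session(k_s):
    """One key exchange; the version and KEXINIT strings are constructed placeholders."""
    x, e = ephemeral()   # client side
    y, f = ephemeral()   # server side
    k_client, k_server = shared_secret(f, x), shared_secret(e, y)
    h = exchange_hash(b"SSH-2.0-client", b"SSH-2.0-server",
                      b"client-kexinit", b"server-kexinit", k_s, e, f, k_client)
    return {"e": e, "f": f, "K_client": k_client, "K_server": k_server, "H": h}
```

Calling `session()` twice with the same `k_s` returns a different K and H each time, because x and y are drawn fresh per exchange. The host key blob K_S enters only H, which the server signs with its host private key.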

