Plaintext recovery attacks against SSH

Proceedings - IEEE Symposium on Security and Privacy

Volumn , Issue , 2009, Pages 16-26

  Albrecht, Martin R ^a   Paterson, Kenneth G ^a   Watson, Gaven J ^a  

^a UNIVERSITY OF LONDON   (United Kingdom)

Author keywords

[No Author keywords available]

Indexed keywords

BLOCK CIPHERS; CIPHERTEXTS; PLAINTEXT; PROOF OF CONCEPT; PROVABLE SECURITY; RECOVERY ATTACKS;

CRYPTOGRAPHY; NETWORK SECURITY;

INTERNET PROTOCOLS;

EID: 70449625225     PISSN: 10816011     EISSN: None     Source Type: Conference Proceeding    
DOI: 10.1109/SP.2009.5     Document Type: Conference Paper

References (27)

1. M. Bellare, T. Kohno, and C. Namprempre. Breaking and Provably Repairing the SSH Authenticated Encryption Scheme: A Case Study of the Encode-then-Encrypt-and-MAC Paradigm. ACM Transactions on Information and Systems Security, 7(2):206-241, 2004.
2. M. Bellare, T. Kohno, and C. Namprempre. The Secure Shell (SSH) Transport Layer Encryption Modes, RFC 4344, Jan. 2006. http://www.ietf.org/rfc/rfc4344. txt.
3. M. Bellare and C. Namprempre. Authenticated Encryption: Relations Among Notions and Analysis of the Generic Composition Paradigm. In T. Okamoto, editor, Proccedings of ASIACRYPT 2000, LNCS 1976, pp. 531-545. Springer-Verlag, 2000.
4. Denis Bider, personal communication, 18/11/2008.
5. D. Bleichenbacher. Chosen Ciphertext Attacks against Protocols Based on RSA Encryption Standard PKCS #1. In H. Krawczyk, editor, Proccedings of CRYPTO 1998, LNCS 1462, pp. 1-12. Springer-Verlag, 1998.
6. D. Boneh and D. Brumley. Remote timing attacks are practical. In Proceedings of the 12th Usenix Security Symposium, 2003.
7. B. Canvel, A.P. Hiltgen, S. Vaudenay, and M. Vuagnoux. Password Interception in a SSL/TLS Channel. In D. Boneh, editor, Proccedings of CRYPTO 2003, LNCS 2729, pp. 583-599. Springer-Verlag, 2003.
8. CPNI Vulnerability Advisory. Plaintext Recovery Attack Against SSH. http://www.cpni.gov.uk/Docs/Vulnerability-Advisory-SSH.txt, 14/11/2008 (revised 17/11/2008).
9. W. Dai. An Attack Against SSH2 Protocol. Email to the SECSH Working Group available from ftp://ftp.ietf.org/ietf-mail-archive/secsh/2002-2102.mail, 6th Feb. 2002.
10. J.-P. Degabriele and K.G. Paterson. Attacking the IPsec Standards in Encryption-only Configurations. In IEEE Symposium on Security and Privacy, pp. 335-349, IEEE Computer Society, 2007.
11. T. Dierks and E. Rescorla. The Transport Layer Security (TLS) Protocol, Version 1.1, RFC4346, April 2006. http://www.ietf.org/rfc/rfc4346.txt.
12. A. Joux, G. Martinet and F. Valette. Blockwise-adaptive attackers: Revisiting the (in)security of some provably secure encryption models: CBC, GEM, IACBC. In Moti Yung, editor, CRYPTO, LNCS 2442, pp. 17-30, Springer-Verlag, 2002.
13. OpenSSH Project, http://www.openssh.org/.
14. OpenSSH Security Advisory: cbc.adv, http://www.openssh.com/txt/cbc.adv, 21/11/2008.
15. OpenSSH Security, http://www.openssh.org/security.html.
16. K.G. Paterson and G.J. Watson. Immunising CBC Mode Against Padding Oracle Attacks: A Formal Security Treatment. In R. Ostrovsky, R. De Prisco and I. Visconti, editors, SCN 2008, LNCS 5229, pp. 340-357, Springer-Verlag, 2008.
17. K.G. Paterson and A.K.L. Yau. Cryptography in Theory and Practice: The Case of Encryption in IPsec. In S. Vaudenay, editor, Eurocrypt 2006, LNCS 4004, pp. 12-29, Springer- Verlag, 2006.
18. Scapy Homepage, http://www.secdev.org/projects/scapy/.
19. SSHFS Homepage, http://fuse.sourceforge.net/sshfs.html.
20. SSH usage profiling, http://www.openssh.org/usage/index.html.
21. D. Song, D. Wagner and X. Tian. Timing Analysis of Keystrokes and Timing Attacks on SSH. In 10th USENIX Security Symposium, 2001, http://www.usenix.org/ publications/library/proceedings/sec01/song.html.
22. Unites States Computer Emergency Readiness Team (USCERT). Vulnerability Note VU#958563 - SSH CBC vulnerability. http://www.kb.cert.org/vuls/id/958563, 24/11/2008 (revised 12/01/2009).
23. S. Vaudenay. Security Flaws Induced by CBC Padding - Applications to SSL, IPSEC, WTLS .... In L.R. Knudsen, editor, Proceedings of EUROCRYPT 2002, LNCS 2332, pp. 534-546, Springer-Verlag, 2002.
24. T. Ylonen and C. Lonvick. The Secure Shell (SSH) Protocol Architecture, RFC 4251, Jan. 2006. http://www.ietf.org/rfc/rfc4251.txt
25. T. Ylonen and C. Lonvick. The Secure Shell (SSH) Authentication Protocol, RFC 4252, Jan. 2006. http://www.ietf.org/rfc/rfc4252.txt.
26. T. Ylonen and C. Lonvick. The Secure Shell (SSH) Transport Layer Protocol, RFC 4253, Jan. 2006. http://www.ietf.org/rfc/rfc4253.txt.
27. T. Ylonen and C. Lonvick. The Secure Shell (SSH) Connection Protocol, RFC 4254, Jan. 2006. http://www.ietf.org/rfc/rfc4254.txt.