A vulnerability exists in SSH messages that employ CBC mode that may allow an attacker to recover plaintext from a block of ciphertext.
The Secure Shell (SSH) is a network protocol that creates a secure channel between two networked devices in order to allow data to be exchanged. SSH can create this secure channel by using Cipher Block Chaining (CBC) mode encryption. This mode adds a feedback mechanism to a block cipher that operates in a way that ensures that each block is used to modify the encryption of the next block.
SSH contains a vulnerability in the way certain types of errors are handled. Attacks leveraging this vulnerabilty would lead to the loss of the SSH session. According to CPNI Vulnerability Advisory SSH:
An attacker may be able to recover up to 32 bits of plaintext from an arbitrary block of ciphertext.
We are currently unaware of a practical solution to this problem.
Use CTR Mode
Redback Networks, Inc.
SSH Communications Security Corp
Wind River Systems, Inc.
Thanks to CPNI for reporting this vulnerability.
This document was written by Chris Taschner.
|Date First Published:||2008-11-24|
|Date Last Updated:||2009-01-12 20:26 UTC|