Cryptographic Keys Protecting SSH Connections Exposed

Dan Goodin, *Ars Technica*, 13 Nov 2023, via ACM Tech News

Researchers at the University of California, San Diego (UCSD) demonstrated
that a large portion of cryptographic keys used to protect data in
computer-to-server SSH traffic is vulnerable, and were able to calculate the
private portion of almost 200 unique SSH keys they observed in public
Internet scans. The vulnerability occurs when there are errors during the
signature generation that takes place when a client and server are
establishing a …

acm ars technica california computer connections cryptographic dan dan goodin data exposed keys large nov private protect protecting researchers san san diego server ssh ssh keys tech traffic university university of california vulnerable