Nov. 15, 2023, 5:51 p.m. | Bruce Schneier

Security Boulevard securityboulevard.com

This is interesting:



For the first time, researchers have demonstrated that a large portion of cryptographic keys used to protect data in computer-to-server SSH traffic are vulnerable to complete compromise when naturally occurring computational errors occur while the connection is being established.


[…]


The vulnerability occurs when there are errors during the signature generation that takes place when a client and server are establishing a connection. It affects only keys using the RSA cryptographic algorithm, which the researchers found …

academic papers compromise computational computer cryptographic cryptography data errors keys large protect researchers server signature signatures ssh traffic vulnerabilities vulnerability vulnerable

Information Security Engineers

@ D. E. Shaw Research | New York City

Anti-fraud and Compliance Support Agent (Armenia)

@ Manychat | Yerevan, Armenia

ATC Instructor - Cybersecurity

@ Fulton County Schools | Atlanta, GA, US, 30339

Senior Cyber Threat Intel Analyst

@ Maveris | Washington, District of Columbia, United States - Remote

Head of Information Security

@ Catawiki | The Hague, Netherlands

Security Architect

@ Ocorian | London, United Kingdom