all InfoSec news
Passive SSH Key Compromise via Lattices
Nov. 6, 2023, 1:54 a.m. |
IACR News www.iacr.org
ePrint Report: Passive SSH Key Compromise via Lattices
Keegan Ryan, Kaiwen He, George Arnold Sullivan, Nadia Heninger
We demonstrate that a passive network attacker can opportunistically obtain private RSA host keys from an SSH server that experiences a naturally arising fault during signature computation. In prior work, this was not believed to be possible for the SSH protocol because the signature included information like the shared Diffie-Hellman secret that would not be available to a passive network observer. We show …
attacker compromise computation eprint report experiences host key keys network private report rsa server signature ssh ssh key sullivan work
More from www.iacr.org / IACR News
Jobs in InfoSec / Cybersecurity
Social Engineer For Reverse Engineering Exploit Study
@ Independent study | Remote
Information Security Specialist, Sr. (Container Hardening)
@ Rackner | San Antonio, TX
Principal Security Researcher (Advanced Threat Prevention)
@ Palo Alto Networks | Santa Clara, CA, United States
EWT Infosec | IAM Technical Security Consultant - Manager
@ KPMG India | Bengaluru, Karnataka, India
Security Engineering Operations Manager
@ Gusto | San Francisco, CA; Denver, CO; Remote
Network Threat Detection Engineer
@ Meta | Denver, CO | Reston, VA | Menlo Park, CA | Washington, DC