Terrapin attacks can downgrade security of OpenSSH connections
2023-12-19 17:03

This manipulation lets attackers remove or modify messages exchanged through the communication channel, which leads to downgrading the public key algorithms used for user authentication or disabling defenses against keystroke timing attacks in OpenSSH 9.5.

A Terrapin attack lowers the security of the established connection by truncating important negotiation messages without the client or server noticing it.

Researchers from the Ruhr University Bochum developed the Terrapin attack and also discovered exploitable implementation flaws in AsyncSSH. The weaknesses and flaws associated with the attack are now identified as CVE-2023-48795, CVE-2023-46445 and CVE-2023-46446.

One thing to note about Terrapin is that the attackers need to be in an adversary-in-the-middle position at the network layer to intercept and modify the handshake exchange, and the connection must be secured by either ChaCha20-Poly1305 or CBC with Encrypt-then-MAC. The data in the messages exchanged after the completion of the handshake determines the severity of the attack's repercussions.
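
A defender's check for the cipher precondition described above, as an added example that is not part of the original article: it parses algorithm lists in the `keyword value` form that `sshd -T` prints and reports any ChaCha20-Poly1305 or CBC with Encrypt-then-MAC offers. The sample configurations and function names are constructed for illustration, and the check covers only the algorithm precondition, not whether a fixed version is installed.

```python
"""Flag SSH algorithm lists that meet the Terrapin cipher precondition."""

# Constructed sample in the "keyword value" format printed by `sshd -T`.
SAMPLE_SSHD_T = """\
port 22
ciphers chacha20-poly1305@openssh.com,aes128-ctr,aes256-gcm@openssh.com,aes256-cbc
macs hmac-sha2-256-etm@openssh.com,hmac-sha2-512
"""

# Constructed sample with the affected ciphers removed.
HARDENED_SSHD_T = """\
ciphers aes128-ctr,aes256-gcm@openssh.com
macs hmac-sha2-256-etm@openssh.com,hmac-sha2-512
"""


def parse_algorithms(config_text):
    """Return {'ciphers': [...], 'macs': [...]} from sshd -T style text."""
    algos = {"ciphers": [], "macs": []}
    for line in config_text.splitlines():
        parts = line.strip().split(None, 1)
        if len(parts) == 2 and parts[0].lower() in algos:
            names = [a.strip() for a in parts[1].split(",")]
            algos[parts[0].lower()] = [a for a in names if a]
    return algos


def terrapin_exposure(config_text):
    """List the offered algorithms that satisfy the attack's precondition."""
    algos = parse_algorithms(config_text)
    findings = []
    # ChaCha20-Poly1305 meets the precondition on its own.
    for c in algos["ciphers"]:
        if c.startswith("chacha20-poly1305"):
            findings.append(("cipher", c))
    # CBC matters only when it can be paired with an Encrypt-then-MAC MAC.
    cbc = [c for c in algos["ciphers"] if "-cbc" in c]
    etm = [m for m in algos["macs"] if "-etm@" in m]
    findings += [("cbc+etm", f"{c} with {m}") for c in cbc for m in etm]
    return findings


if __name__ == "__main__":
    for label, text in (("sample", SAMPLE_SSHD_T), ("hardened", HARDENED_SSHD_T)):
        hits = terrapin_exposure(text)
        print(label, "exposed" if hits else "not exposed", hits)
```
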

"The Terrapin attack exploits weaknesses in the SSH transport layer protocol in combination with newer cryptographic algorithms and encryption modes introduced by OpenSSH over 10 years ago," say the researchers, adding that "These have been adopted by a wide range of SSH implementations, therefore affecting a majority of current implementations."


News URL

https://www.bleepingcomputer.com/news/security/terrapin-attacks-can-downgrade-security-of-openssh-connections/

Related Vulnerability

DATE | CVE | VULNERABILITY TITLE | RISK

2023-12-18 | CVE-2023-48795 | Improper Validation of Integrity Check Value vulnerability in multiple products | 5.9
The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attackers to bypass integrity checks such that some packets are omitted (from the extension negotiation message), and a client and server may consequently end up with a connection for which some security features have been downgraded or disabled, aka a Terrapin attack.

2023-11-14 | CVE-2023-46446 | Authorization Bypass Through User-Controlled Key vulnerability in Asyncssh Project Asyncssh | 6.8
An issue in AsyncSSH before 2.14.1 allows attackers to control the remote end of an SSH client session via packet injection/removal and shell emulation, aka a "Rogue Session Attack."
network, high complexity, asyncssh-project, CWE-639

2023-11-14 | CVE-2023-46445 | Insufficient Verification of Data Authenticity vulnerability in Asyncssh Project Asyncssh | 5.9
An issue in AsyncSSH before 2.14.1 allows attackers to control the extension info message (RFC 8308) via a man-in-the-middle attack, aka a "Rogue Extension Negotiation."
network, high complexity, asyncssh-project, CWE-345