Coursera Flash Sale
40% Off Coursera Plus for 3 Months!
Grab it
This Black Hat conference talk explores a critical vulnerability in the SSH protocol called the Terrapin Attack, which breaks channel integrity in three widely used encryption modes. Learn how this security flaw allows attackers to perform prefix truncation attacks, deleting encrypted packets at the beginning of SSH channels without detection. Discover real-world applications of this vulnerability, including how it can be exploited to downgrade public key algorithms for authentication, disable countermeasures against keystroke timing attacks in OpenSSH 9.5, and even redirect victim logins to attacker-controlled shells in AsyncSSH. The presentation reveals findings from an internet-wide scan showing 71.6% of SSH servers support vulnerable encryption modes, with 63.2% listing them as preferred choices. Understand the root causes behind these attacks: SSH handshakes with unauthenticated optional messages and failure to reset sequence numbers when activating encryption keys. The talk concludes with proposed effective and backward-compatible mitigations to secure the SSH protocol that provides access to over 15 million internet servers.
