[Cryptography] SSH vulnerability when using passwords
Nico Williams
nico at cryptonector.com
Wed Jan 7 01:34:07 EST 2015
On Tue, Jan 06, 2015 at 06:51:42PM -0800, Abe Singer wrote:
> IIRC, That attack actually depends on which authentication method
> gets used for password authentication. The "password" method described
> in RFC 4252 sends the password all at once (if/how it gets fragmented
> by the transport and crypto layer is left as an exercise for the reader).
>
> The challenge-response method defined in RFC 4256 sends keystrokes one
> at a time and is vulnerable to timing analysis. [...]
Neither sends a password a character at a time. RFC4256 is designed
with PAM in mind, which also doesn't have the application feed passwords
one character at a time to the API.
Nico
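
Added example, not part of the original message or of any SSH implementation: a Python sketch that builds the RFC 4252 "password" request and the RFC 4256 info-response payloads and extracts the secret fields, showing that each message carries the whole secret as one length-prefixed string. Function names and the sample user and password values are constructed for illustration; the payloads are shown as they exist before the transport layer encrypts and packetizes them.

```python
import struct

SSH_MSG_USERAUTH_REQUEST = 50        # RFC 4252
SSH_MSG_USERAUTH_INFO_RESPONSE = 61  # RFC 4256

def ssh_string(data: bytes) -> bytes:  # uint32 big-endian length + bytes
    return struct.pack(">I", len(data)) + data

def read_string(buf: bytes, off: int):
    (n,) = struct.unpack_from(">I", buf, off)
    end = off + 4 + n
    if end > len(buf):
        raise ValueError("truncated string field")
    return buf[off + 4:end], end

def build_password_request(user: str, password: str) -> bytes:
    # RFC 4252 section 8, "password" method, no password change.
    return (bytes([SSH_MSG_USERAUTH_REQUEST])
            + ssh_string(user.encode())
            + ssh_string(b"ssh-connection")
            + ssh_string(b"password")
            + b"\x00"                        # boolean FALSE
            + ssh_string(password.encode()))  # whole password, one field

def build_info_response(responses) -> bytes:
    # RFC 4256 section 3.4: one string per prompt, all in one message.
    return (bytes([SSH_MSG_USERAUTH_INFO_RESPONSE])
            + struct.pack(">I", len(responses))
            + b"".join(ssh_string(r.encode()) for r in responses))

def secret_fields(payload: bytes):
    # Return the secret-bearing string fields carried by one payload.
    kind, off = payload[0], 1
    if kind == SSH_MSG_USERAUTH_REQUEST:
        for _ in range(3):                   # user, service, method
            method, off = read_string(payload, off)
        if method != b"password":
            raise ValueError("not the password method")
        count, off = (2 if payload[off] else 1), off + 1  # TRUE: old + new
    elif kind == SSH_MSG_USERAUTH_INFO_RESPONSE:
        (count,) = struct.unpack_from(">I", payload, off)
        off += 4
    else:
        raise ValueError("unexpected message type")
    secrets = []
    for _ in range(count):
        secret, off = read_string(payload, off)
        secrets.append(secret)
    return secrets
```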