[Ach] OpenSSH ETM implementation error
Aaron Zauner
azet at azet.org
Tue Jun 21 22:52:08 CEST 2016
> On 21 Jun 2016, at 22:18, Alexander Wuerstlein <arw at cs.fau.de> wrote:
>
> On 2016-06-21T09:18, Aaron Zauner <azet at azet.org> wrote:
>>
>>> On 21 Jun 2016, at 14:55, Aaron Zauner <azet at azet.org> wrote:
>>>
>>> Hi,
>>>
>>> Our recommendations go with EtM in OpenSSH, Kenny Paterson published this slide deck recently: http://www.turing-gateway.cam.ac.uk/documents/tgmw35/Kenny%20Paterson.pdf
>>>
>>> They identify a CBC timing oracle (not much used anymore) but more importantly: they identify a error in the generic Encrypt-then-Mac implementation in OpenSSH which is used quite a lot. I'm not aware of upstream patches.
>>
>> Follow-up: https://twitter.com/kennyog/status/745153366699827205
>
> Is there any more specific description of the problem? Somehow I can't
> really make sense of the slides regarding EtM problems, there are
> references to papers, e.g. on slide 56, but I can't even find the paper.
> Let alone make sense of the slides.
I believe this paper is yet to be published.
The slides pretty much tell what the problem here is but apparently they could not actively exploit it.
Aaron
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 801 bytes
Desc: Message signed with OpenPGP using GPGMail
URL: <http://lists.cert.at/pipermail/ach/attachments/20160622/683930dd/attachment.sig>
More information about the Ach
mailing list