Fabian Bäumer

82 Followers
23 Following
14 Posts
PhD Student @ruhr-uni-bochum | 🐢 Terrapin Attack | Interested in anything related to SSH and protocol security in general
Bluesky: https://bsky.app/profile/skrillor.bsky.social

Sean's writeup of the mechanics of this attack in his Cryptopals set 8 is *so good*.

https://cryptopals.com/sets/8/challenges/62.txt

We found a critical vulnerability in the #PuTTY SSH client with NIST P-521 keys that allows private key recovery from only 60 signatures, CVE-2024-31497! If you use #Putty or #Filezilla with ECDSA P-521, upgrade now and generate a new key! Joint work with @Skrillor!

We've released #PuTTY version 0.81. This is a SECURITY UPDATE, fixing a #vulnerability in ECDSA signing for #SSH.

If you've used a 521-bit ECDSA key (ecdsa-sha2-nistp521) with any previous version of PuTTY, consider it compromised! Generate a new key pair, and remove the old public key from authorized_keys files.

Other key types are not affected, even other sizes of ECDSA. In particular, Ed25519 is fine.

This vulnerability has id CVE-2024-31497. Full information is at https://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/vuln-p521-bias.html

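The two posts above say what broke (P-521 only, other ECDSA sizes fine) but not why. The following is an added illustration, not code from PuTTY or from the advisory: it models a nonce derived as a single 512-bit hash reduced mod the 521-bit group order. Since 2^512 is smaller than the order, the reduction never changes anything and the top 9 bits of every nonce are zero, which is the per-signature leak a lattice attack on biased nonces consumes. What exactly goes into the hash is a simplification and an assumption here; only the width mismatch matters. The "fixed" variant draws 1024 bits before reducing and is one correct construction, not a claim about how PuTTY 0.81 does it.

```python
import hashlib
import math
import random

# Group order n of NIST P-521 (FIPS 186-4), assembled from its 32-bit words
# to avoid miscounting the run of F's. It is a 521-bit number.
P521_N = int(
    "01FF" + "FFFFFFFF" * 7 + "FFFFFFFA"
    + "51868783BF2F966B7FCC0148F709A5D03BB5C9B8899C47AEBB6FB71E91386409",
    16,
)

# Constructed example private key (any value in [1, n) would do).
EXAMPLE_PRIV = int.from_bytes(hashlib.sha512(b"constructed example key").digest(), "big") % P521_N


def biased_nonce(priv: int, msg_hash: bytes) -> int:
    """Model of the flawed derivation: one SHA-512 output reduced mod n.
    2**512 < n, so '% n' is a no-op and k.bit_length() <= 512 always:
    bits 512..520 of the 521-bit nonce are known to be zero."""
    h = hashlib.sha512(priv.to_bytes(66, "big") + msg_hash).digest()
    return int.from_bytes(h, "big") % P521_N


def unbiased_nonce(priv: int, msg_hash: bytes) -> int:
    """Same inputs, but 1024 bits (two counter-separated SHA-512 outputs) are
    reduced mod n, so the bias of k is negligible. This is one sound construction
    and is an assumption of this example, not PuTTY's actual fix."""
    material = b"".join(
        hashlib.sha512(bytes([ctr]) + priv.to_bytes(66, "big") + msg_hash).digest()
        for ctr in (0, 1)
    )
    return int.from_bytes(material, "big") % P521_N


def max_nonce_bits(nonce_fn, priv: int, samples: int = 256) -> int:
    """Largest bit length observed over `samples` constructed message hashes."""
    rng = random.Random(2024)  # deterministic sample messages
    return max(nonce_fn(priv, rng.randbytes(64)).bit_length() for _ in range(samples))


def known_bits_and_signatures(order_bits: int = 521, hash_bits: int = 512):
    """Top bits known per signature and the rough number of signatures a
    hidden-number-problem lattice needs (about order_bits / known bits)."""
    known = order_bits - hash_bits
    return known, math.ceil(order_bits / known)


if __name__ == "__main__":
    print("order bits:", P521_N.bit_length())
    print("max bits, flawed derivation:", max_nonce_bits(biased_nonce, EXAMPLE_PRIV))
    print("max bits, wide derivation:", max_nonce_bits(unbiased_nonce, EXAMPLE_PRIV))
    print("known bits per signature, signatures needed:", known_bits_and_signatures())
```

The flawed variant never produces a nonce wider than 512 bits, the wide one reaches 521 bits within a handful of samples, and 521/9 rounds up to 58 signatures, which is where the "only 60 signatures" figure in the post comes from. The same arithmetic shows why P-256 and P-384 are unaffected: their orders fit inside a 512-bit hash output, so the reduction actually applies.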

I'll be giving a talk about our latest finding, the Terrapin Attack, at @realworldcrypto next week. Make sure to get up early on Tuesday if you happen to be there 😜 I'm looking forward to meeting you all, crypto folks! 🤗

thx @lambdafu, @Skrillor et al @ RUB for the excellent research on the [Terrapin Attack](https://terrapin-attack.com).

The #Terrapin Scanner is available here:
https://github.com/RUB-NDS/Terrapin-Scanner

For your reference:

- CVE-2023-48795: General Protocol Flaw
- CVE-2023-46445: Rogue Extension Negotiation Attack in AsyncSSH
- CVE-2023-46446: Rogue Session Attack in AsyncSSH


Some patches still need packaging by OS vendors before they become available via your system's package manager. Check your OS vendor's site for more details.
We prepared a comprehensive list of implementations supporting "strict kex" over at https://terrapin-attack.com/patches.html. If you're in doubt for your server or client, check it out. PRs welcome 😉

@djm That's what we intended, glad to see it worked out. 😀 Having a cluttered mess for a protocol-level vulnerability won't help anyone.
Nice to see ... basically everyone adopt OpenSSH's mitigation to the Terrapin attack https://www.openwall.com/lists/oss-security/2023/12/19/5
oss-security - Re: CVE-2023-48795: Prefix Truncation Attacks in SSH Specification (Terrapin Attack)
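To make the "prefix truncation" and the "strict kex" mitigation in the posts above concrete, here is an added simulation; it is not code from the Terrapin project, the scanner, or OpenSSH. It models only the server-to-client direction, skips encryption entirely, and uses an HMAC over (sequence number, body) as a stand-in for the MAC or AEAD nonce that binds an SSH packet to its position in the stream. Strict kex is reduced to the two rules that matter here: reject messages that do not belong to the initial key exchange (the injected IGNORE) and restart sequence numbers at zero after NEWKEYS. Message names and the session key are constructed for the example.

```python
import hashlib
import hmac

# Subset of SSH transport-layer message names used by the simulation.
KEXINIT, NEWKEYS, IGNORE, EXT_INFO, SERVICE_ACCEPT = (
    "KEXINIT", "NEWKEYS", "IGNORE", "EXT_INFO", "SERVICE_ACCEPT")

# Constructed toy key; a real session derives keys from the key exchange.
SESSION_KEY = b"constructed-session-key"


class ProtocolError(Exception):
    pass


def packet_tag(seq: int, body: str) -> bytes:
    """Toy integrity tag over the implicit sequence number and the body."""
    return hmac.new(SESSION_KEY, seq.to_bytes(4, "big") + body.encode(), hashlib.sha256).digest()


class Server:
    """Sending side (server -> client only)."""

    def __init__(self, strict_kex: bool):
        self.strict_kex, self.seq, self.encrypting = strict_kex, 0, False

    def send(self, msg: str):
        pkt = (msg, packet_tag(self.seq, msg) if self.encrypting else None)
        self.seq += 1
        if msg == NEWKEYS:
            self.encrypting = True
            if self.strict_kex:
                self.seq = 0  # strict kex: sequence numbers restart after NEWKEYS
        return pkt


class Client:
    """Receiving side; tracks its own implicit sequence number."""

    def __init__(self, strict_kex: bool):
        self.strict_kex, self.seq, self.encrypting = strict_kex, 0, False
        self.accepted = []

    def receive(self, pkt):
        msg, tag = pkt
        if self.encrypting:
            if tag is None or not hmac.compare_digest(tag, packet_tag(self.seq, msg)):
                raise ProtocolError(f"integrity check failed at seq {self.seq} ({msg})")
        elif self.strict_kex and msg == IGNORE:
            # strict kex: IGNORE/DEBUG and other non-kex messages end the connection
            raise ProtocolError(f"unexpected {msg} during strict key exchange")
        self.seq += 1
        if msg == NEWKEYS:
            self.encrypting = True
            if self.strict_kex:
                self.seq = 0
        self.accepted.append(msg)


def run_session(strict_kex: bool, inject_ignore: bool, drop_first_encrypted: bool):
    """Replay one handshake through an on-path attacker who may forge a
    plaintext IGNORE before NEWKEYS and delete the first encrypted packet.
    Returns ("accepted", messages) or ("rejected", reason)."""
    server, client = Server(strict_kex), Client(strict_kex)
    wire = [server.send(KEXINIT)]
    if inject_ignore:
        wire.append((IGNORE, None))  # forged: no keys yet, so nothing to verify
    wire.append(server.send(NEWKEYS))
    first_encrypted = server.send(EXT_INFO)
    if not drop_first_encrypted:
        wire.append(first_encrypted)
    wire.append(server.send(SERVICE_ACCEPT))
    try:
        for pkt in wire:
            client.receive(pkt)
    except ProtocolError as err:
        return "rejected", str(err)
    return "accepted", client.accepted


if __name__ == "__main__":
    for strict in (False, True):
        for inject, drop in ((False, False), (False, True), (True, True)):
            print(f"strict={strict} inject={inject} drop={drop}:", run_session(strict, inject, drop))
```

Without strict kex, dropping the first encrypted packet on its own fails the integrity check, but injecting one IGNORE first advances the client's receive counter by exactly one, so the deletion of EXT_INFO goes unnoticed and the client ends up with a truncated stream that still verifies. With strict kex either the forged IGNORE is rejected outright or, if nothing is injected, the counter reset makes the deletion visible as a tag mismatch.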

@dangoodin @trueskrillor Here I am 😀