[ISN] Researchers develop SSH cracker

From: InfoSec News (isnat_private)
Date: Wed Aug 22 2001 - 02:59:31 PDT

    http://www.vnunet.com/News/1124839
    
    By James Middleton 
    21-08-2001
    
    Researchers at the University of California at Berkeley have
    discovered more vulnerabilities in Secure Shell (SSH) which allow an
    attacker to learn significant information about what data is being
    transferred in SSH sessions, including passwords.
    
    SSH was designed as a secure channel between two machines, based on
    strong encryption and authentication. But by observing the rhythm of
    keystrokes, and using advanced statistical techniques on timing
    information collected, attackers can pick up significant details.
    
    Each keystroke from a user is immediately sent to the target machine
    as a separate IP packet. By performing a statistical study of a user's
    typing patterns and applying a key sequence prediction algorithm, the
    researchers were able to predict key sequences from inter-keystroke
    timings.
    
    A password cracker program, dubbed Herbivore, was developed on the
    back of the research. Herbivore is capable of learning a user's
    password by monitoring SSH sessions.
    
    "Unfortunately, SSH is not as bulletproof as one would hope. Our
    attack shows that an eavesdropper can learn sensitive information
    about a user's data, such as passwords, over SSH," said Dawn Xiaodong
    Song, one of the researchers.
    
    Another vulnerability, allowing remote access to SSH accounts with
    two-character passwords, was also discovered last week.
    
    A white paper, entitled Timing Analysis of Keystrokes and Timing
    Attacks on SSH, is available here.
    
    http://paris.cs.berkeley.edu/~dawnsong/papers/ssh-timing.pdf
    
    
    
    -
    ISN is currently hosted by Attrition.org
    
    To unsubscribe email majordomoat_private with 'unsubscribe isn' in the BODY
    of the mail.
    


