SSH Traffic Analysis

Speaker: Solar Designer


This presentation covers several weaknesses in common
implementations of “secure” (encrypted) remote login proto-cols,
with SSH (Secure Shell) protocols as the particular
example. When exploited, these weaknesses allow an attacker
to obtain sensitive information by passively monitoring
encrypted remote login sessions. Such information may later
be used to speed up brute-force attacks on passwords,
including the initial login password and other passwords
appearing in interactive login sessions. The traffic analysis
attacks will be demonstrated. Countermeasures to reduce the
impact of traffic analysis are proposed.