Europe Confirms Record €4.1B Penalty Against Google for Android Practices|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Europe Confirms Record €4.1B Penalty Against Google for Android Practices|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|
Advertisement

Ad Placeholder

Full Width × 90

Breaking News

OpenSSH introduces a security feature to prevent Side-Channel Attacks

OpenSSH introduces a new feature to prevent Side-Channel attacks, latest release encrypts secret keys in memory as temporary solution. Memory side-channel vulnerabilities continue to threaten modern processors, Spectre, and Meltdown, Rowhammer, and RAMBleed are just some samples,  Now OpenSSH encrypts secret keys in memory against Side-Channel attacks. Many experts demonstrated variants of side-channel attacks against OpenSSH application […]

OpenSSH server

Verschluesselte Kommunikation mit OpenSSH

OpenSSH introduces a new feature to prevent Side-Channel attacks, latest release encrypts secret keys in memory as temporary solution.

Memory side-channel vulnerabilities continue to threaten modern processors, Spectre, and MeltdownRowhammer, and RAMBleed are just some samples, 

Now OpenSSH encrypts secret keys in memory against Side-Channel attacks.

Many experts demonstrated variants of side-channel attacks against OpenSSH application installed on targeted systems. In the attack scenario, a process owned by an unprivileged attacker exploits memory read vulnerabilities to steal secret SSH private keys from the memory of the target system.

That’s possible because OpenSSH has an agent that keeps a copy of your SSH key in the memory so that you don’t have to type your passphrase every time you want to connect to the same remote server.

To prevent such kind of attacks, modern operating systems by default store sensitive data in the kernel memory that is not accessible by user-level privileged processes.

Anyway, SSH keys are managed on the RAM or CPU memory in plaintext format, allowing attackers to access them with side channel attacks.

The latest version of the OpenSSH addresses this problem by implementing the encryption of the private keys before storing them into the system memory.

“Add protection for private keys at rest in RAM against speculation and memory sidechannel attacks like Spectre, Meltdown, Rowhammer and Rambleed. This change encrypts private keys when they are not in use with a symmetic key that is derived from a relatively large “prekey” consisting of random data (currently 16KB). Attackers must recover the entire prekey with high accuracy before they can attempt to decrypt the shielded private key, but the current generation of attacks have bit error rates that, when applied cumulatively to the entire prekey, make this unlikely.” reads the security advisory published by OpenSSH developer Damien Miller.

“Implementation-wise, keys are encrypted “shielded” when loaded and then automatically and transparently unshielded when used for signatures or when being saved/serialised.”

Miller explained that OpenSSH plans to remove this protection against side-channel attacks in a few years when computer architecture becomes less unsafe.

[adrotate banner=”9″] [adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – OpenSSH, side-channel attacks)

[adrotate banner=”5″]

[adrotate banner=”13″]