this post was submitted on 15 Nov 2023
4 points (100.0% liked)

Security News

2458 readers
1 users here now

founded 2 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
[–] MrPoopyButthole@lemmy.world 4 points 1 year ago

The countermeasure to the attacks we describe in this paper is well known: implementations should validate signatures before sending them. OpenSSH, the most common SSH implementation we observed in this data, implements this countermeasure because it uses OpenSSL to generate signatures, and OpenSSL has included countermeasures against RSA fault attacks since 2001.