this post was submitted on 15 Nov 2023
4 points (100.0% liked)

Security News

2458 readers
1 users here now

founded 2 years ago
MODERATORS
jerry@infosec.pub
4
New SSH Vulnerability - Schneier on Security (www.schneier.com)
submitted 1 year ago by IllNess@infosec.pub to c/securitynews@infosec.pub
1 comments fedilink hide all child comments
top 1 comments
sorted by: hot top controversial new old
[–] MrPoopyButthole@lemmy.world 4 points 1 year ago

The countermeasure to the attacks we describe in this paper is well known: implementations should validate signatures before sending them. OpenSSH, the most common SSH implementation we observed in this data, implements this countermeasure because it uses OpenSSL to generate signatures, and OpenSSL has included countermeasures against RSA fault attacks since 2001.