Vulnerabilities Discovered in Internet Standard SSH

What we have basically discovered is that some security-relevant parts of the standard are broken,” says IT Security researcher Marcus Brinkmann.

Cryptographic protocols work in the background whenever we are online to enable secure communication within the network. Apart from the popular TLS protocol, SSH (Secure Shell) is primarily used where servers are administered remotely. Researchers Marcus Brinkmann, Fabian Bäumer and Professor Jörg Schwenk from the Chair of Network and Data Security at Ruhr University Bochum have now discovered critical vulnerabilities within this protocol. “What we have basically discovered is that some security-relevant parts of the standard are broken,” explains Marcus Brinkmann. Attackers can thus be able to delete data from the secure connection. The team from the Faculty of Computer Science recently published their research finding to ensure that the vulnerabilities can be fixed quickly. SSH software providers have already been informed in advance as part of a Responsible Disclosure procedure.

“Since SSH is a protocol that is primarily used by system administrators, it is less well known to the public than TLS, for example. But attacks on SSH can be more critical because, in the worst-case scenario, attackers can gain full control of the entire server through such a vulnerability,” explains Fabian Bäumer. There are over 15 million servers on the Internet that support this protocol. SSH is also used in network devices such as routers. That’s why the work, part of a research project of the Cluster of Excellence CASA “Cyber Security in the Age of Large-Scale Adversaries”, is relevant for companies worldwide. Until December 18, 2023, it was subject to a (news) embargo as part of responsible disclosure. Such an embargo gives companies sufficient time to rectify the vulnerabilities discovered by the scientists.


Standard was considered to be reliable

Their discovery is special because SSH is a standard security protocol that was considered reliable, especially since new algorithms were developed for it almost 10 years ago. “Attacks that were known were related to the initial key exchange or the connection security. This is the first time we have considered both components together,” explains Fabian Bäumer. This new approach to the cryptography of the protocol enabled the researchers to discover that attackers cannot read encrypted messages using a man-in-the-middle attack, but can delete them at the beginning of the connection in order to reduce the security of the connection.

“Such an attack requires special resources,” says Fabian Bäumer. “Normally, it is rarely possible for a normal attacker to act as a man-in-the-middle, but if we imagine attackers with extensive resources, such as nation states, it is certainly conceivable.” The work is thus an example of the groundbreaking research at the CASA Cluster of Excellence, which aims to make a fundamental contribution to the digital security of business, politics and society.


No reason to panic

But the researchers warn that there is no reason to panic. It is true that, in principle, everyone who uses SSH in any way is affected. However, as numerous providers, including the developers of the open source implementation OpenSSH, were notified in advance, these vulnerabilities have in most cases already been fixed in the software – these new versions must now be installed quickly. For administrators, the researchers offer a “Vulnerability Scanner” to find out whether their client or server is vulnerable. Further information can be found in a preprint publication.