Understanding the Terrapin Attack: A New Threat to OpenSSH
Researchers at Ruhr University Bochum have discovered a new threat to OpenSSH security known as the Terrapin attack. This sophisticated attack manipulates sequence numbers during the handshake process, compromising the integrity of the SSH channel when some commonly used encryption options are used.
Terrapin Attack Details
Unlike traditional security breaches, the Terrapin attack focuses on manipulating sequence numbers during the handshake process, exploiting vulnerabilities in the SSH transport layer protocol. This manipulation allows attackers to tamper with messages exchanged through the communication channel, subsequently downgrading public key algorithms and disabling defenses against keystroke timing attacks in OpenSSH 9.5.
A notable consequence of the Terrapin attack is the lowered security of the established connection, achieved by truncating critical negotiation messages without detection by either the client or server. This manipulation occurs after the completion of the handshake, with the severity of the attack’s repercussions dependent on the data in the exchanged messages.
Identified Weaknesses and Flaws
The vulnerabilities and weaknesses linked to the Terrapin attack have been identified by the researchers and are categorized as CVE-2023-48795, CVE-2023-46445, and CVE-2023-46446. These identifiers function as points of reference for comprehending and resolving attack-related vulnerabilities.
The research team has released a Terrapin vulnerability scanner on GitHub to help admins find vulnerabilities. By allowing users to ascertain whether an SSH client or server is vulnerable to the Terrapin attack, this program offers a proactive means of mitigating any security issues.
Attack Requirements and Mitigation Strategies
Attackers must be positioned in an adversary-in-the-middle (MiTM) role at the network layer to intercept and alter the handshake exchange for the Terrapin attack to be successful. Either CBC with Encrypt-then-MAC or ChaCha20-Poly1305 must be used to secure the intended connection. Despite these particular criteria, the attack is feasible in real-world circumstances due to the widespread deployment of the described encryption techniques (77% according to scans).
Several vendors are actively working on mitigating the security implications of the Terrapin attack. One proposed solution involves implementing a strict key exchange, rendering package injection during the handshake unattainable. However, achieving universal implementation of such measures will take time, and it’s important to note that the effectiveness of the strict key exchange countermeasure depends on its implementation on both the client and server sides.
The Terrapin attack highlights the evolving nature of cybersecurity threats and how important it is to be vigilant. While vendors work on mitigating the vulnerabilities associated with Terrapin, administrators are encouraged to stay informed and utilize available tools to assess the security posture of their SSH implementations.
The sources for this article include a story from BleepingComputer.