Access via Secure Shell (SSH) is one of the most important options for remote access to systems, for example for administration, and is generally considered very secure. However, a team of researchers has demonstrated that by merely passively logging SSH connections they can reconstruct the RSA keys in use and then use them for targeted attacks. Responsible for this are SSH implementations that have not yet implemented the necessary protective measures against a long-known class of errors.
Hardware occasionally fails. The Rowhammer attack, for example, demonstrated that massed access to memory cells can trigger a so-called bit flip, that is, the change of a memory cell from 1 to 0. Even without an attacker, these and other hardware errors occur occasionally. It’s very rare, but if you look at billions of connection attempts, some of them will produce a faulty cryptographic signature calculation, causing the connection to be aborted.
Incorrect signature reveals key
If an attacker observes such errors while a connection is being established, they may be able to extract the secret RSA key of the server that produced the incorrect signature. To do this, Ryan et al. developed a special “lattice attack” to calculate the RSA key used. Under suitable circumstances, a single incorrect signature is sufficient. To find such signatures, they examined more than 5 billion SSH connection attempts and were able to reconstruct at least 189 RSA keys.
With such a key, an attacker still cannot simply listen passively to encrypted connections or decrypt them later. But under certain circumstances it allows them to impersonate the desired server to a connecting client and thus take the position of a man in the middle. However, this requires actively intervening in a connection.
The fact that these types of errors occur and can become a security problem in cryptographic functions has long been known and has already been concretely demonstrated against TLS. With current TLS 1.3, the handshake that establishes the connection is already encrypted, so passive eavesdroppers cannot read the signatures, regardless of whether they are correct or incorrect.
Older TLS implementations typically protect against these “RSA fault attacks” by re-verifying the computed signature before sending it. For SSH, it was previously assumed that these signature errors could not be exploited. Nevertheless, most SSH implementations also have this kind of protection, although, as with OpenSSH, they received it for free through OpenSSL, which was hardened against this many years ago.
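To make the two points above concrete, here is an added example (not code from the article, the paper, OpenSSH or OpenSSL) of a toy RSA-CRT signer. It shows why a single faulty signature on a known message is enough to leak a prime factor of the modulus (the classic Boneh–DeMillo–Lipton observation; the paper’s lattice attack is the generalisation needed when, as in SSH, part of the signed data is unknown to a passive observer), and it shows the countermeasure described above: verify the signature before it leaves the host, and refuse to send it if the check fails. The key, the message and the injected bit flip are all constructed for the demonstration; the modulus is far too small for real use.

```python
"""
Toy RSA-CRT signer with a simulated hardware fault, plus the
"verify before send" self-check that prevents the fault from leaking
the private key. Constructed example; not production code.
"""
from math import gcd
from typing import Optional

# Constructed toy key: both factors are prime, the modulus is tiny so the
# arithmetic is easy to follow. gcd(E, PHI) == 1 holds for these values.
P = 1_000_000_007
Q = 998_244_353
N = P * Q
E = 65537
PHI = (P - 1) * (Q - 1)
D = pow(E, -1, PHI)           # private exponent (Python 3.8+ modular inverse)
DP, DQ = D % (P - 1), D % (Q - 1)
QINV = pow(Q, -1, P)          # CRT recombination constant q^-1 mod p


def sign_crt(m: int, fault: bool = False) -> int:
    """RSA-CRT signature of integer m (no padding, for clarity).

    With fault=True one bit of the mod-p intermediate is flipped, standing in
    for the kind of hardware error (e.g. a bit flip) the article describes.
    """
    sp = pow(m, DP, P)
    sq = pow(m, DQ, Q)
    if fault:
        sp ^= 1                # simulated corruption of the p-side half only
    h = (QINV * (sp - sq)) % P
    return sq + h * Q          # Garner recombination


def verify(m: int, s: int) -> bool:
    """Public-key check that s is a valid signature on m."""
    return pow(s, E, N) == m % N


def sign_checked(m: int, fault: bool = False) -> int:
    """Hardened signer: re-verifies every signature and never releases one
    that fails. This is the countermeasure older TLS stacks and OpenSSL use."""
    s = sign_crt(m, fault)
    if not verify(m, s):
        raise RuntimeError("signature self-check failed; refusing to send")
    return s


def leaked_factor(m: int, s: int) -> Optional[int]:
    """What an unchecked signer gives away: a signature that is correct modulo
    one prime but wrong modulo the other shares exactly that prime with
    s^e - m, so a gcd recovers it. Returns None for a correct signature."""
    g = gcd(pow(s, E, N) - m, N)
    return g if 1 < g < N else None


if __name__ == "__main__":
    msg = 123_456_789                      # constructed message, 0 < msg < N
    good = sign_checked(msg)
    print("valid signature verifies:", verify(msg, good))

    bad = sign_crt(msg, fault=True)        # unchecked signer emits the fault
    print("faulty signature verifies:", verify(msg, bad))
    print("factor leaked by faulty signature:", leaked_factor(msg, bad) == Q)

    try:                                   # checked signer withholds it
        sign_checked(msg, fault=True)
    except RuntimeError as err:
        print("checked signer:", err)
```

The self-check costs one public-key exponentiation per signature, which is cheap next to the CRT signing itself; an implementation that skips it relies entirely on the hardware never failing during the private operation.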
Vulnerable Zyxel SSH servers and IPsec
The reconstructed keys came primarily from Zyxel devices that identified themselves as “Zyxel SSH server”. The researchers suspect that these are probably “ZyWALL firewall devices”. Zyxel explained that this could only affect older devices with at most “ZLD firmware version V3.30”; current systems ship the OpenSSH server, which is not vulnerable.
The researchers also found vulnerable SSH servers with the identifiers “SSH-2.0-SSHD” and “Mocana” that they could not attribute precisely, as well as an incorrect signature from a Cisco server. Additionally, the researchers point out that IPsec with IKEv1 and IKEv2 is also fundamentally vulnerable to this type of attack. However, their current data set does not allow statements about specific vulnerable implementations. This is a possible topic for future research, they explain at the end of their paper Passive SSH Key Compromise via Lattices.