6.5 C
New York
Sunday, January 17, 2021

RAMBleed: OpenSSH develops protection against sidechannel attacks

Must Read

Chinese Giant Panda National Park releases video of a rare albino panda

The panda, due to a rare genetic mutation, looks more like a polar bear. There is not a single dark...

Do you notice a constant hum in your ears? You’re probably missing vitamin B12

If you have a constant ringing in your ears, you probably have tinnitus. In this case, doctors recommend an injection...

How saliva can predict COVID-19 better – study

A systematic review of 37 research found that salivary samples can replace swabs to diagnose coronavirus, with better accuracy...
Kamal Saini
Kamal S. has been Journalist and Writer for Business, Hardware and Gadgets at Revyuh.com since 2018. He deals with B2b, Funding, Blockchain, Law, IT security, privacy, surveillance, digital self-defense and network policy. As part of his studies of political science, sociology and law, he researched the impact of technology on human coexistence. Email: kamal (at) revyuh (dot) com

In-memory keys are better protected by OpenSSH in the future. This should make sidechannel attacks on the main memory such as Specter, Meltdown, Rowhammer and RAMBleed more difficult. For this purpose, the private SSH keys are encrypted in memory with a symmetric key. This “is derived from a relatively large ‘prekey’ consisting of random data (currently 16 KB),” writes OpenSSH developer Damien Miller.

Attackers would have to restore the entire symmetric key with high accuracy before they could recover the private SSH key, writes Miller. “The current generation of attacks, however, has bit error rates that make it unlikely when applied cumulatively to the entire key.”

Only recently, a variant of the Rowhammer attack was introduced, with which the memory can be read out. To demonstrate the practical implications of this attack called RAMBleed, the explorers read an RSA key of an OpenSSH server on a Linux system. At the same time, it eased the attack that RSA already knows only a fragment of a private key. The rest can be calculated from it. The symmetric encryption of the OpenSSH keys in the work memory is intended to protect against such attack scenarios or at least make them much more difficult.

For eternity, however, securing the keys should not be. “Hopefully we can remove this in a few years, when the computer architecture has become less uncertain,” writes Miller.

- Advertisement -

LEAVE A REPLY

Please enter your comment!
Please enter your name here

- Advertisement -

Latest News

Chinese Giant Panda National Park releases video of a rare albino panda

The panda, due to a rare genetic mutation, looks more like a polar bear. There is not a single dark...
- Advertisement -

More Articles Like This

- Advertisement -