Home page logo

nanog logo nanog mailing list archives

Re: RSA Patent Expired
From: "Richard A. Steenbergen" <ras () e-gerbil net>
Date: Wed, 4 Oct 2000 23:39:44 -0400 (EDT)

On Wed, 4 Oct 2000, Frater M.A.Ch.H. 999 wrote:

That's fine and dandy, but the bugtraq exploit that you are pointing to in
that link is, according to the bugtraq advisory, only applicable to ssh
version 1.2.27.

Other versions don't seem to be affected.

The crux of the problem is that the ssh1 protocol does not make use of
cryptographically secure MACs (message authentication code), but instead
relies on crc32 to provide integrity checks from insertion attacks. The
problem with crc32 is it was designed to detect accidental data corruption
but not to provide cryptographic verification of data integrity, so it is
possible to "somewhat" easily create "different" data with the same crc32
value. Past version 1.2.27 code was added to detect someone doing this
("crc compensation"), so its not a real concern of vulnerability. But it
is a theoretical design weakness, which is why MACs are used in ssh2.

It is up to the admins to decide if running ssh2 is worth their time.
Personally I run OpenSSH (now part of the default installation on
[Free,Open]BSD) which supports both versions of the protocol much more
seamlessly then the original ssh. Many people prefer ssh1, and keep in
mind that some systems are ssh1 only, like the SSH available for Ciscos
for example.

But enough of this thread, everyone gets the point... :P

Richard A Steenbergen <ras () e-gerbil net>   http://www.e-gerbil.net/humble
PGP Key ID: 0x138EA177  (67 29 D7 BC E8 18 3E DA  B2 46 B3 D8 14 36 FE B6)

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]