Skip Navigation

Passive SSH RSA Key Compromise via Lattices

eprint.iacr.org Passive SSH Key Compromise via Lattices

We demonstrate that a passive network attacker can opportunistically obtain private RSA host keys from an SSH server that experiences a naturally arising fault during signature computation. In prior work, this was not believed to be possible for the SSH protocol because the signature included inform...

0
0 comments