Discoverers: Fabian Bäumer, Marcus Brinkmann, Jörg Schwenk (Ruhr University Bochum)
Affected software: implementations of the Secure Shell (SSH) protocol, including OpenSSH
Website: https://terrapin-attack.com/
The Terrapin attack is a cryptographic attack on the widely used SSH protocol, which provides secure remote command execution and administration throughout the Internet. Terrapin can reduce the security of an SSH connection through a downgrade attack carried out by a man-in-the-middle.[1][2][3] It works by prefix truncation: messages are injected into and deleted from the feature negotiation phase in a way that manipulates the sequence numbers, so that later messages are silently ignored without either the client or the server detecting an error.[4]
According to the attack's discoverers, the majority of SSH implementations were vulnerable at the time of the discovery of the attack (2023).[4] As of January 3, 2024, an estimated 11 million publicly accessible SSH servers were still vulnerable.[5] However, the risk is mitigated by the requirement to intercept a genuine SSH session, and by the fact that the attack can only delete messages at the start of a negotiation, which in most cases merely results in a failed connection.[4][6] Additionally, the attack requires the use of either ChaCha20-Poly1305 or a CBC cipher combined with an Encrypt-then-MAC mode.[7] The SSH developers have stated that the main impact of the attack is the ability to degrade SSH's keystroke timing obfuscation feature.[6]
The designers of SSH have implemented a fix for the Terrapin attack, but the fix is only fully effective when both client and server implementations have been upgraded to support it.[1] The researchers who discovered the attack have also created a vulnerability scanner to determine whether an SSH server or client is vulnerable.[8]
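The following check, added here as an illustration and not code from the article or from the researchers' scanner, audits a single client/server algorithm negotiation for the conditions the article describes: the ChaCha20-Poly1305 cipher, or a CBC cipher paired with an Encrypt-then-MAC MAC, with the fix only counting when both sides advertise it. It assumes the RFC 4253 negotiation rule (first client-preferred algorithm the server also supports wins) and OpenSSH's strict-kex extension names; the sample algorithm lists are constructed.

```python
from dataclasses import dataclass

# Cipher and extension names as used by OpenSSH (the strict-kex names are the
# countermeasure pseudo-algorithms advertised in the KEXINIT kex list).
CHACHA = "chacha20-poly1305@openssh.com"
STRICT_CLIENT = "kex-strict-c-v00@openssh.com"
STRICT_SERVER = "kex-strict-s-v00@openssh.com"

MITIGATED = "mitigated: both sides support strict kex"
VULN_CHACHA = "vulnerable: chacha20-poly1305"
VULN_CBC_ETM = "vulnerable: cbc cipher with etm mac"
NOT_AFFECTED = "not affected by this negotiation"


@dataclass
class KexInit:
    """The algorithm lists of one SSH_MSG_KEXINIT (one direction only, for brevity)."""
    kex: list
    ciphers: list
    macs: list


def negotiate(client_prefs, server_prefs):
    """RFC 4253 7.1: first entry in the client's list that the server also offers."""
    for alg in client_prefs:
        if alg in server_prefs:
            return alg
    return None


def terrapin_exposure(client: KexInit, server: KexInit) -> str:
    """Classify one negotiation by the cipher/MAC conditions Terrapin needs."""
    cipher = negotiate(client.ciphers, server.ciphers)
    mac = negotiate(client.macs, server.macs)
    if cipher is None:
        return "no common cipher"
    # The fix resets handshake sequence numbers and rejects unexpected messages,
    # but only takes effect when both peers advertise it.
    if STRICT_CLIENT in client.kex and STRICT_SERVER in server.kex:
        return MITIGATED
    if cipher == CHACHA:
        return VULN_CHACHA
    # CBC modes are only exposed together with an Encrypt-then-MAC MAC.
    if cipher.endswith("-cbc") and mac is not None and mac.endswith("-etm@openssh.com"):
        return VULN_CBC_ETM
    return NOT_AFFECTED


def harden_ciphers(ciphers):
    """Conservative interim server setting (an assumption here, not from the article):
    drop the two affected cipher families so no negotiation can hit them."""
    return [c for c in ciphers if c != CHACHA and not c.endswith("-cbc")]
```

A real audit would run the check for both directions of each connection, since SSH negotiates client-to-server and server-to-client algorithms separately.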
The attack has been given the CVE ID CVE-2023-48795.[9][3] In addition to the main attack, two other vulnerabilities were found in AsyncSSH, and assigned the CVE IDs CVE-2023-46445 and CVE-2023-46446.[3]
1. Goodin, Dan (2023-12-19). "SSH protects the world's most sensitive networks. It just got a lot weaker". Ars Technica. Retrieved 2023-12-20.
2. Bäumer, Fabian; Brinkmann, Marcus; Schwenk, Jörg (2023-12-19). "Terrapin Attack: Breaking SSH Channel Integrity By Sequence Number Manipulation". arXiv:2312.12422.
3. "Terrapin attacks can downgrade security of OpenSSH connections". BleepingComputer. Retrieved 2023-12-20.
4. Jones, Connor. "SSH shaken, not stirred by Terrapin downgrade vulnerability". www.theregister.com. Retrieved 2023-12-20.
5. "Nearly 11 million SSH servers vulnerable to new Terrapin attacks". BleepingComputer. Retrieved 2024-01-07.