The Terrapin Attack: A New Cybersecurity Threat to SSH Protocols

In the ever-evolving landscape of cybersecurity, a new threat has emerged, known as the Terrapin attack. This sophisticated cyber assault targets the SSH (Secure Shell) protocol, a widely used standard for secure network services like remote terminal login and file transfer. The Terrapin attack exploits a vulnerability in SSH’s sequence number handling during the handshake process, allowing attackers to disrupt the integrity of SSH’s secure channel.

What makes the Terrapin attack uniquely alarming is its ability to manipulate sequence numbers to remove messages sent by the client or server at the beginning of the secure channel, without detection. This vulnerability can be exploited in real-world scenarios, downgrading the connection’s security and potentially leading to the use of less secure client authentication algorithms.

Three CVE identifiers have been assigned to the attack:

  • CVE-2023-48795: General Protocol Flaw
  • CVE-2023-46445: Rogue Extension Negotiation Attack in AsyncSSH
  • CVE-2023-46446: Rogue Session Attack in AsyncSSH

The discovery of the Terrapin attack was made by a team of security researchers from Ruhr University Bochum, including Fabian Bäumer, Marcus Brinkmann, and Jörg Schwenk. Their findings revealed that this attack could enable the exploitation of implementation flaws, particularly in AsyncSSH servers. These flaws could allow an attacker to sign a victim into another account without detection, paving the way for potent phishing attacks and granting Man-in-the-Middle capabilities within encrypted sessions.

Performing the Terrapin attack requires Man-in-the-Middle capabilities at the network layer, enabling attackers to intercept and modify traffic. Additionally, the connection must be secured by specific encryption modes, which are widely adopted, making most real-world SSH sessions vulnerable.

In response to this threat, researchers have developed a simple console application written in Go, available on GitHub. This tool helps determine the vulnerability of SSH servers or clients to the Terrapin attack. Despite its severity, the attack is not an immediate threat to all systems, as it requires specific conditions to be met, including the interception and modification of TCP/IP traffic and the use of certain encryption modes.

The implications of the Terrapin attack are significant, particularly in terms of security downgrades during SSH extension negotiations. This could affect client authentication security, especially when using RSA public keys, and in some cases, may deactivate countermeasures against keystroke timing attacks in OpenSSH 9.5.

The Terrapin attack has been acknowledged by multiple vendors, leading to updates in SSH implementations to support an optional strict key exchange. This countermeasure only takes effect when both client and server support it.
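
One way to check a handshake for the conditions described above, working from the client's and server's SSH_MSG_KEXINIT messages (an added Python example, not code from the researchers' Go tool or from any SSH implementation). It assumes the affected modes are ChaCha20-Poly1305 and CBC with Encrypt-then-MAC and that strict key exchange is signalled by the kex-strict-c-v00@openssh.com and kex-strict-s-v00@openssh.com markers; build_kexinit and the sample algorithm lists are constructed for illustration.

```python
# Assumed from the public Terrapin advisory (not named in the article above):
CHACHA = "chacha20-poly1305@openssh.com"
STRICT_C, STRICT_S = "kex-strict-c-v00@openssh.com", "kex-strict-s-v00@openssh.com"
# Order of the ten name-lists in SSH_MSG_KEXINIT (RFC 4253, section 7.1).
FIELDS = ("kex", "host_key", "enc_c2s", "enc_s2c", "mac_c2s", "mac_s2c",
          "comp_c2s", "comp_s2c", "lang_c2s", "lang_s2c")

def parse_kexinit(payload):
    """Split a KEXINIT payload into its name-lists; reject truncated input."""
    if len(payload) < 17 or payload[0] != 20:  # type byte 20 + 16-byte cookie
        raise ValueError("not a KEXINIT payload")
    off, out = 17, {}
    for field in FIELDS:
        end = off + 4 + int.from_bytes(payload[off:off + 4], "big")  # uint32 length
        if end > len(payload):
            raise ValueError("truncated name-list")
        raw = payload[off + 4:end].decode("ascii")
        out[field] = raw.split(",") if raw else []
        off = end
    return out

def negotiate(client, server):
    """RFC 4253: the first algorithm on the client's list that the server also lists."""
    return next((a for a in client if a in server), None)

def assess(client_kexinit, server_kexinit):
    """Report whether the negotiated modes are affected and strict kex is active."""
    c, s = parse_kexinit(client_kexinit), parse_kexinit(server_kexinit)
    strict = STRICT_C in c["kex"] and STRICT_S in s["kex"]  # needs both sides
    affected = False
    for d in ("c2s", "s2c"):
        enc = negotiate(c["enc_" + d], s["enc_" + d]) or ""
        mac = negotiate(c["mac_" + d], s["mac_" + d]) or ""
        cbc_etm = enc.endswith("-cbc") and mac.endswith("-etm@openssh.com")
        affected = affected or enc == CHACHA or cbc_etm
    return {"affected_mode": affected, "strict_kex": strict, "exposed": affected and not strict}

def build_kexinit(**lists):
    """Build a constructed sample KEXINIT (zero cookie) from keyword name-lists."""
    body = bytes([20]) + bytes(16)
    for field in FIELDS:
        names = ",".join(lists.get(field, [])).encode("ascii")
        body += len(names).to_bytes(4, "big") + names
    return body + bytes(5)  # first_kex_packet_follows (false) + reserved uint32

if __name__ == "__main__":  # constructed sample: only the client offers strict kex
    modes = dict(enc_c2s=[CHACHA], enc_s2c=[CHACHA], mac_c2s=["hmac-sha2-256"], mac_s2c=["hmac-sha2-256"])
    client = build_kexinit(kex=["curve25519-sha256", STRICT_C], **modes)
    print(assess(client, build_kexinit(kex=["curve25519-sha256"], **modes)))
```

The result is exposed only when the negotiated mode is affected and at least one peer lacks the strict key exchange marker, which matches the requirement that both sides support the countermeasure.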