add Spectre variant 2 mitigations
David Newall
openssh at davidnewall.com
Tue Feb 6 21:28:50 AEDT 2018
On 06/02/18 19:52, Darren Tucker wrote:
> On 6 February 2018 at 20:09, David Newall <openssh at davidnewall.com> wrote:
>> Do we need to do anything? It's not clear to me how SSH is vulnerable to
>> Spectre -- that is, how SSH can be used to execute a Spectre attack?
> I am more concerned with it being the target of a Spectre style
> attack. There's some long lived private data (host keys in the case
> of sshd, session keys in the case of ssh and sshd and user keys in the
> case of ssh-agent) and there's some scope to manipulate their
> behaviour through external stimuli.
>
Indeed, but I'm not sure that SSH can be used in a Spectre attack; nor
that using the mitigation strategies in SSH will do anything to prevent
these keys from being stolen. As I understand it, the likely way that
SSH session keys will be stolen is by sending malicious JS to the browser.
I'm not saying that SSH needs no mitigation, I'm asking the question,
"does it"? Before we slow SSH down with the mitigation strategies,
let's be sure there's a benefit to be gained.
More information about the openssh-unix-dev
mailing list