
OpenSSH gets protection against attacks like Spectre, Meltdown, Rowhammer, and Rambleed

OpenSSH to encrypt SSH private keys while at rest in a computer's RAM.
Written by Catalin Cimpanu, Contributor

The OpenSSH project is getting protection against side-channel attacks that are known to leak data from a computer's memory and allow malicious threat actors to steal sensitive information.

The protections were added to the OpenSSH code yesterday, June 20, by Damien Miller, a Google security researcher, and one of the top OpenSSH and OpenBSD developers.

OpenSSH to encrypt private keys in RAM

According to Miller, OpenSSH will encrypt SSH (Secure SHell) private keys while they are at rest inside a computer's RAM. SSH private keys can be used by malicious threat actors to connect to remote servers without the need of a password.

If an attacker manages to extract data from a computer or server's RAM, they will only obtain an encrypted version of an SSH private key, rather than the cleartext version.

Per Miller, this protection will be able to stop side-channel attacks like Spectre, Meltdown, Rowhammer, and Rambleed dead in their tracks.

These attacks have come to light in recent years. They are the work of academic research, which found hardware design faults in CPUs and RAM components. These faults can be exploited to leak data being processed inside the CPU or RAM.

Encryption enough to stop some attacks

According to Miller's code commit, "this change encrypts private keys when they are not in use with a symmetric key that is derived from a relatively large 'prekey' consisting of random data (currently 16KB)."

"Attackers must recover the entire prekey with high accuracy before they can attempt to decrypt the shielded private key, but the current generation of attacks have bit error rates that, when applied cumulatively to the entire prekey, make this unlikely," he added.

"Implementation-wise, keys are encrypted 'shielded' when loaded and then automatically and transparently unshielded when used for signatures or when being saved/serialised," Miller said.

The OpenSSH dev hopes they'll be able to remove this special protection against side-channel attacks "in a few years time when computer architecture has become less unsafe."
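An added illustration of the shielding scheme the commit message describes (this is not OpenSSH's code): a 16KB random prekey is hashed into a symmetric key, and a single misread prekey bit produces an unrelated key. SHA-512 as the hash, the hash-counter keystream standing in for a real cipher, the function names, and the 1e-4 bit error rate used in the check are assumptions of this sketch.

```python
import hashlib
import secrets

PREKEY_LEN = 16 * 1024  # 16KB of random data, the size quoted in the commit message


def derive_key(prekey: bytes) -> bytes:
    """Hash the entire prekey into a symmetric key (SHA-512 is this sketch's choice)."""
    return hashlib.sha512(prekey).digest()


def _keystream(key: bytes, n: int) -> bytes:
    # Stand-in stream cipher for the demo: SHA-512(key || counter) blocks.
    out = bytearray()
    counter = 0
    while len(out) < n:
        out += hashlib.sha512(key + counter.to_bytes(8, "big")).digest()
        counter += 1
    return bytes(out[:n])


def _xor(data: bytes, key: bytes) -> bytes:
    return bytes(a ^ b for a, b in zip(data, _keystream(key, len(data))))


def shield(private_key: bytes) -> tuple:
    """Encrypt a key for storage at rest in memory; returns (prekey, shielded_blob)."""
    prekey = secrets.token_bytes(PREKEY_LEN)
    return prekey, _xor(private_key, derive_key(prekey))


def unshield(prekey: bytes, blob: bytes) -> bytes:
    """Re-derive the symmetric key from the prekey and decrypt just before use."""
    return _xor(blob, derive_key(prekey))


def flip_bit(data: bytes, bit_index: int) -> bytes:
    """Model one bit read incorrectly by a lossy memory-disclosure channel."""
    buf = bytearray(data)
    buf[bit_index // 8] ^= 1 << (bit_index % 8)
    return bytes(buf)


def full_recovery_probability(bit_error_rate: float, nbits: int = PREKEY_LEN * 8) -> float:
    """Chance that every prekey bit is read correctly, assuming independent errors."""
    return (1.0 - bit_error_rate) ** nbits
```

Because the key depends on all 131,072 prekey bits, even a small per-bit error rate compounds: under the constructed 1e-4 rate, the chance of an error-free read of the whole prekey is on the order of 2 in a million.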

OpenSSH is the default SSH client in most operating systems, from OpenBSD (for which it was initially developed) to Windows 10 (the latest OS to support it).
