Fabian Bäumer
@TrueSkrillor
PhD Student @ruhrunibochum | 🐢 Terrapin Attack | Interested in anything related to SSH and protocol security in general
ID:724891844736339970
26-04-2016 09:24:18
37 Tweets
227 Followers
54 Following
Video for the talk on the Terrapin Attack at Real World Crypto 2024 is now online! Featuring Fabian Bäumer youtube.com/watch?v=YoNOEp…
(THREAD) Martin R. Albrecht and I have written a retrospective on “Crypto in the Wild”. This is about some of our work over the last 20 years or so, in which we look “out there” into the wild to see how cryptography is used in deployed systems. Link:
eprint.iacr.org/2024/532 (1/6)
I'll be giving a talk about our latest finding, the Terrapin Attack, at Real World Crypto next week. Make sure to get up early on Tuesday if you happen to be there 😜 I'm looking forward to meeting you all, crypto folks!🤗
Congratulations to Fabian Bäumer and Marcus Brinkmann! The Terrapin paper just got accepted for USENIX Security 2024!
Don't fret my fellow network engineers, it is not as bad as it might sound. There are certain requirements that make this attack a rather complicated one when Networks are concerned.
Nevertheless, I posted my thoughts about it here learn.srlinux.dev/blog/2024/ssh-… as well as the testing
We started to receive questions from customers regarding this CVE and on the surface, it sounded quite scary.
Patches done to almost every SSH server out there, but no mention of Network OSes.
So I decided to help researchers Fabian Bäumer Marcus Brinkmann and Jörg Schwenk by assessing
Mathias Payer In short, that SSH implementations handled sequence numbers in a particular, natural way in the BPP. I think once implementations are fixed to do the right thing (TM) the proofs should be useful once more.
No worries, it's me answering a few questions on Ars Technica regarding our new Terrapin attack targeting SSH 🙂 If you haven't already, check terrapin-attack.com as well as the article by @[email protected] -- Follow me there arstechnica.com/security/2023/…
The researchers Jörg Schwenk Fabian Bäumer and Marcus Brinkmann found critical vulnerabilities in #SSH which allows a MitM attacker to drop certain messages from the secured connection. Learn more ➡️ casa.rub.de/en/news/casa/n… #cybersecurity