Title
An attack on CRC-32 integrity checks of encrypted channels using CBC and CFB modes
Authors
Ariel Futoransky, Ariel Pacetti and Gerardo Richarte
In
Corelabs Technical Report
Date published
1998
Keywords
crc32, ssh, integrity checks

Abstract

A known-plaintext attack against SSH protocol version 1.5 is described that allows an attacker to insert arbitrary commands in the stream regardless of the authentication protocol used, the block cipher or the key. The attack is based on weaknesses of the integrity function used (CRC-32) that become exploitable due to the use of CBC and CFB feedback modes.
