Ars Technica

In a first, cryptographic keys protecting SSH connections stolen in new attack

For the first time, researchers have demonstrated that a large portion of cryptographic keys used to protect data in computer-to-server SSH traffic are vulnerable to complete compromise when naturally ...
マイナビニュース

RSA署名の計算エラーからSSHの秘密鍵が盗まれる可能性があると判明

Ars Technicaは11月13日、「In a first, cryptographic keys protecting SSH connections stolen in new attack」において、SSHの秘密鍵が盗まれる可能性がある新たな脆弱性が発見されたと伝えた。この脆弱性は、クライアントとサーバが接続を確立する際に行われるRSA署名の計算エラー ...
Bleeping Computer

Researchers extract RSA keys from SSH server signing errors

A team of academic researchers from universities in California and Massachusetts demonstrated that it’s possible under certain conditions for passive network attackers to retrieve secret RSA keys from ...