Only affects RSA keys, and then only 1 in a million keys are vulnerable. So this is mostly of academic (rather than practical) interest, but nevertheless it will lead to further hardening of the SSH protocol which is nice.
Underscoring the importance of their discovery, the researchers used their findings to calculate the private portion of almost 200 unique SSH keys they observed in public Internet scans taken over the past seven years.
SSH is the cryptographic protocol used in secure shell connections that allows computers to remotely access servers, usually in security-sensitive enterprise environments.
The vulnerability occurs when there are errors during the signature generation that takes place when a client and server are establishing a connection.
Another reason for the surprise is that until now, researchers believed that signature faults exposed only RSA keys used in the TLS—or Transport Layer Security—protocol encrypting Web and email connections.
The researchers noted that since the 2018 release of TLS version 1.3, the protocol has encrypted handshake messages occurring while a web or email session is being negotiated.
The new findings are laid out in a paper published earlier this month titled "Passive SSH Key Compromise via Lattices."
The original article contains 596 words, the summary contains 157 words. Saved 74%. I'm a bot and I'm open source!