Architectural Defects of the Secure Shell

	This Article
	Subscribers, please Login Purchase article: $19 PDF IEEE Xplore Subscribers RSS feed
	Share
	Email this Article to a friend
	Bibliographic References
	ASCII Text BibTex RefWorks Procite/RefMan
	Add to:
	Digg Furl Spurl Blink Simpy Google Del.icio.us Y!MyWeb
	Search
	Similar Articles Articles by Takamichi Saito Articles by Toshiyuki Kito Articles by Kentaro Umesawa Articles by Fumio Mizoguchi

13th International Workshop on Database and Expert Systems Applications (DEXA'02)

Aix-en-Provence, France

September 02-September 06

ISBN: 0-7695-1668-8

	ASCII Text	x
	Takamichi Saito, Toshiyuki Kito, Kentaro Umesawa, Fumio Mizoguchi, "Architectural Defects of the Secure Shell," Database and Expert Systems Applications, International Workshop on, pp. 22, 13th International Workshop on Database and Expert Systems Applications (DEXA'02), 2002.

	BibTex	x
	@article{ 10.1109/DEXA.2002.1045871, author = {Takamichi Saito and Toshiyuki Kito and Kentaro Umesawa and Fumio Mizoguchi}, title = {Architectural Defects of the Secure Shell}, journal ={Database and Expert Systems Applications, International Workshop on}, volume = {0}, year = {2002}, issn = {1529-4188}, pages = {22}, doi = {http://doi.ieeecomputersociety.org/10.1109/DEXA.2002.1045871}, publisher = {IEEE Computer Society}, address = {Los Alamitos, CA, USA}, }

	RefWorks Procite/RefMan/Endnote	x
	TY - CONF JO - Database and Expert Systems Applications, International Workshop on TI - Architectural Defects of the Secure Shell SN - 1529-4188 SP EP A1 - Takamichi Saito, A1 - Toshiyuki Kito, A1 - Kentaro Umesawa, A1 - Fumio Mizoguchi, PY - 2002 KW - null VL - 0 JA - Database and Expert Systems Applications, International Workshop on ER -

Takamichi Saito, Tokyo University of Technology

Toshiyuki Kito, Science University of Tokyo

Kentaro Umesawa, Science University of Tokyo

Fumio Mizoguchi, Science University of Tokyo

DOI Bookmark: http://doi.ieeecomputersociety.org/10.1109/DEXA.2002.1045871

Although some flaws have been found out in the SSH, the Secure Shell, there is not os much discussion about its architecture or design safety. Therefore, in this paper, considering the SSh's architecture, e.g. the key exchange protocol, the user authentication protocols and its total design of the SSH, we not only discuss the SSH's architectural safety but show some critical flaws for SSH users. For establishing the SSH connection, before the user authentication, the SSH sever and client are exchanging a session key, which can make secure communication. Then, over the secret channel encrypted by the session key, the SSH server are authenticating a user in the SSH client using with a user's password or public key. However, owing to the defects in the SSH protocols and its design, a user can be deprived of its password in the authentication protocol. Moreover, we will show that those who use its public key for authentication are exposed to the menace same as password-oriented users are.

Citation:

Takamichi Saito, Toshiyuki Kito, Kentaro Umesawa, Fumio Mizoguchi, "Architectural Defects of the Secure Shell," dexa, pp.22, 13th International Workshop on Database and Expert Systems Applications (DEXA'02), 2002

Peer Review Notice | Give Us Feedback

Usage of this product signifies your acceptance of the Terms of Use.