Cart (Loading....) | Create Account
Close category search window
 

Architectural defects of the secure shell

Sign In

Cookies must be enabled to login.After enabling cookies , please use refresh or reload or ctrl+f5 on the browser for the login options.

Formats Non-Member Member
$31 $13
Learn how you can qualify for the best price for this item!
Become an IEEE Member or Subscribe to
IEEE Xplore for exclusive pricing!
close button

puzzle piece

IEEE membership options for an individual and IEEE Xplore subscriptions for an organization offer the most affordable access to essential journal articles, conference papers, standards, eBooks, and eLearning courses.

Learn more about:

IEEE membership

IEEE Xplore subscriptions

4 Author(s)
Saito, T. ; Tokyo Univ. of Technol., Japan ; Kito, T. ; Umesawa, K. ; Mizoguchi, F.

Although flaws have been found out in SSH, the Secure Shell, there has been little discussion about its architecture or design safety. Therefore, considering SSH architecture, e.g. the key exchange protocol, user authentication protocols and total design of the SSH, we not only discuss SSH architectural safety but show critical flaws for SSH users. For establishing the SSH connection, before user authentication, the SSH server and client exchange a session key, which can communicate securely. Then, over the secret channel encrypted by the session key, the SSH server authenticates a user in the SSH client using a user's password or public key. However, owing to defects in the SSH protocols and its design, a user can be deprived of their password in the authentication protocol. Moreover, we show that those who use its public key for authentication are exposed to the same risks as password-oriented users.

Published in:

Database and Expert Systems Applications, 2002. Proceedings. 13th International Workshop on

Date of Conference:

2-6 Sept. 2002

Need Help?


IEEE Advancing Technology for Humanity About IEEE Xplore | Contact | Help | Terms of Use | Nondiscrimination Policy | Site Map | Privacy & Opting Out of Cookies

A not-for-profit organization, IEEE is the world's largest professional association for the advancement of technology.
© Copyright 2014 IEEE - All rights reserved. Use of this web site signifies your agreement to the terms and conditions.