APPROVED SSH SECURITY ALGORITHMS

Georgia SoftWorks 2019

Advancements in mathematics and computing power have forced the deprecation of many existing and commonly used security algorithms and ciphers. Modern SAFE algorithms have replaced the deprecated ones. Unfortunately, most SSH products do not have updated algorithms that are SAFE for 2019. Both the SSH server and client must use SAFE, approved algorithms, MACs and ciphers to provide the level of security for which SSH is renowned.

Categories

SSH includes several categories of security algorithms that are responsible for securing different aspects of the protocol:
  • Host Key Algorithms
  • Key Exchange Algorithms
  • Message Authentication Codes (MACs)
  • Ciphers
  • Public Key Algorithms

Purpose

Each category has specific purposes during various stages of the protocol operation.
  • Host Key Algorithms: the server authenticates itself to the client. Used by the client to verify that it is connecting to the correct host.
  • Key Exchange Algorithms: used to derive the encryption keys and initialization vectors used by the ciphers and MACs.
  • MACs: used to protect data integrity and prevent replay attacks.
  • Ciphers: privacy. Algorithms performing encryption/decryption of the data being transferred.
  • Public Key Algorithms: the client authenticates itself to the server. Proves to the host that the client is who it says it is.

Protect Against

Each algorithm category protects against different threats. There is some overlap where needed.
  • Host Key Algorithms: man-in-the-middle, IP spoofing
  • Key Exchange Algorithms: man-in-the-middle, a weak encryption key
  • MACs: man-in-the-middle, replay attack, modification of session data on the fly
  • Ciphers: attacker being able to see the data
  • Public Key Algorithms: unauthorized access

SAFE Algorithms

SAFE choices for each category of algorithm:
  • Host Key Algorithms: ssh-ed25519, rsa-sha2-512, rsa-sha2-256
  • Key Exchange Algorithms: curve25519-sha256@libssh.org, curve25519-sha256, diffie-hellman-group16-sha512, diffie-hellman-group18-sha512
  • MACs: hmac-sha2-512-etm@openssh.com, hmac-sha2-256-etm@openssh.com
  • Ciphers: chacha20-poly1305@openssh.com, aes256-gcm@openssh.com, aes128-gcm@openssh.com, aes256-ctr, aes128-ctr, aes192-ctr. These ciphers are safe when used with the specified MACs.
  • Public Key Algorithms: ssh-ed25519, rsa-sha2-512, rsa-sha2-256

Missing a safe algorithm in any category renders your SSH implementation unSAFE; the risks are listed below.

unSAFE Results

Not all SSH algorithms are SAFE.
  • Host Key Algorithms: attacker can impersonate the attacked server, steal user credentials and gain access to the server.
  • Key Exchange Algorithms: decryption of user data.
  • MACs: all the data transferred is compromised; attacker can change and inject data at will.
  • Ciphers: decryption of user data.
  • Public Key Algorithms: unauthorized access to the interactive shell, port forwarding, the file system and secure subsystems on the server.
Host Key Algorithms

Purpose

Server authenticates itself to the client. Used by the client to verify that it is connecting to the correct host.

Protect Against
  • Man-in-the-middle
  • IP spoofing
SAFE Algorithms

ssh-ed25519

rsa-sha2-512

rsa-sha2-256

unSafe Results

Attacker can impersonate the attacked server, steal user credentials and gain access to the server

Key Exchange Algorithms

Purpose

Used to derive the encryption keys and initialization vectors used by the ciphers and MACs.

Protect Against
  • Man-in-the-middle
  • A weak encryption key
SAFE Algorithms

curve25519-sha256@libssh.org

curve25519-sha256

diffie-hellman-group16-sha512

diffie-hellman-group18-sha512

unSafe Results

Decryption of User Data

Message Authentication Codes (MACs)

Purpose

Used to protect data integrity and prevent replay attacks

Protect Against
  • Man-in-the-middle
  • Replay attack
  • Modification of session data on the fly
SAFE Algorithms

hmac-sha2-512-etm@openssh.com

hmac-sha2-256-etm@openssh.com

unSafe Results

All the data transferred is compromised
Attacker can change and inject data at will

CIPHERS

Purpose

Privacy. Algorithms performing encryption/decryption of the data being transferred.

Protect Against
  • Attacker being able to see the data
SAFE Algorithms

chacha20-poly1305@openssh.com

aes256-gcm@openssh.com

aes128-gcm@openssh.com

aes256-ctr

aes128-ctr

aes192-ctr

These ciphers are safe when used with the specified MACs

unSafe Results

Decryption of User Data

Public Key Algorithms

Purpose

Client authenticates itself to the server. Proves to the Host that the client is who they say they are

Protect Against
  • Unauthorized access
SAFE Algorithms

ssh-ed25519

rsa-sha2-512

rsa-sha2-256

unSafe Results

Unauthorized access to:

  • Interactive Shell
  • Port Forwarding
  • File System
  • Secure Subsystems on Server
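As an added audit example (not from Georgia SoftWorks or this page), the following Python compares an OpenSSH effective configuration, as printed by `ssh -G host` on a client or `sshd -T` on a server, against the SAFE lists above, applying the page's rule that every category must carry a SAFE entry. It assumes those commands print the lowercase option names used in SAFE, that older OpenSSH releases name the public-key option PubkeyAcceptedKeyTypes, and the sample output is constructed.

```python
import sys

# SAFE algorithms per category, keyed by the option names `ssh -G` / `sshd -T` print.
SAFE = {
    "hostkeyalgorithms": {"ssh-ed25519", "rsa-sha2-512", "rsa-sha2-256"},
    "kexalgorithms": {"curve25519-sha256@libssh.org", "curve25519-sha256",
                      "diffie-hellman-group16-sha512", "diffie-hellman-group18-sha512"},
    "macs": {"hmac-sha2-512-etm@openssh.com", "hmac-sha2-256-etm@openssh.com"},
    "ciphers": {"chacha20-poly1305@openssh.com", "aes256-gcm@openssh.com",
                "aes128-gcm@openssh.com", "aes256-ctr", "aes128-ctr", "aes192-ctr"},
    "pubkeyacceptedalgorithms": {"ssh-ed25519", "rsa-sha2-512", "rsa-sha2-256"},
}
ALIASES = {"pubkeyacceptedkeytypes": "pubkeyacceptedalgorithms"}  # older OpenSSH name (assumption)

# Constructed sample of `ssh -G` output; every category but the last carries one legacy entry.
SAMPLE = """\
hostkeyalgorithms ssh-ed25519,rsa-sha2-512,ssh-rsa
kexalgorithms curve25519-sha256,diffie-hellman-group14-sha1
macs hmac-sha2-512-etm@openssh.com,hmac-sha1
ciphers chacha20-poly1305@openssh.com,aes256-ctr,aes128-cbc
pubkeyacceptedalgorithms ssh-ed25519,rsa-sha2-256
"""

def parse_effective_config(text):
    """Map each relevant 'option value,value' line to its list of algorithm names."""
    found = {}
    for line in text.splitlines():
        parts = line.strip().split(None, 1)
        if len(parts) != 2:
            continue
        key = ALIASES.get(parts[0].lower(), parts[0].lower())
        if key in SAFE:
            found[key] = [a.strip() for a in parts[1].split(",") if a.strip()]
    return found

def audit(text):
    """Per category: is any SAFE entry present, and which entries are not SAFE (cert variants included)."""
    found = parse_effective_config(text)
    return {key: {"has_safe": any(a in allowed for a in found.get(key, [])),
                  "unsafe": [a for a in found.get(key, []) if a not in allowed]}
            for key, allowed in SAFE.items()}

def is_safe(report):
    """The page's rule: every category must offer a SAFE entry, and nothing outside the list."""
    return all(r["has_safe"] and not r["unsafe"] for r in report.values())

if __name__ == "__main__":
    # Pipe in `ssh -G host` (client) or `sshd -T` (server) output; on a terminal, SAMPLE is audited.
    report = audit(sys.stdin.read() if not sys.stdin.isatty() else SAMPLE)
    print("SAFE" if is_safe(report) else "unSAFE", {k: v["unsafe"] for k, v in report.items()})
```

A category that is absent from the input is reported as lacking a SAFE entry, which is the conservative reading of the rule above.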

