It sounds like the attack described last year, see my comments at http://lists.ucc.gu.uwa.edu.au/pipermail/dropbear/2008q4/000848.html
Dropbear probably could be modified the same way as OpenSSH by continuing to make fake reads from the socket for the length requested, though it seems a bit overly complex when using CTR mode will solve the problem. I'll have a look what they're doing. Matt On Tue, May 19, 2009 at 09:01:44AM +0000, Nigel Lucas wrote: > > Just saw this on the news and was wondering if it affected Dropbear users? > > > > ** OpenSSH chink bares encrypted data packets ** > > > > Cryptographers are urging users of a widely employed network protocol to make > sure they're running the latest version after discovering a flaw that could > allow attackers to read data that's supposed to remain encrypted." > > > http://www.theregister.co.uk/2009/05/19/open_ssh_hack/ > > > > _________________________________________________________________ > View your Twitter and Flickr updates from one place – Learn more! > http://clk.atdmt.com/UKM/go/137984870/direct/01/
