Rahila Syed wrote:
I am using OpenSSH compression for compressing data between
PostgreSQL servers. I am using following command,
ssh -c arcfour,blowfish-cbc -4 -2 -v -C -L 3304:localhost:5432 user@server2
I want to know if vulnerability CRIME which attacks SSL deflate
compression algorithm is a threat to SSH compression too?
After reading around a bit , i could find that it is a possibility
that SSH can be affected by CRIME.
So , can someone please confirm if CRIME vulnerability exists for SSH
compression?
Sure the principal of CRIME applies to any compressed connection that
multiplexes streams an attacker can control by making repeated requests
over the connection and observing the changes in encrypted data.
But who leaves their PostgreSQL listening socket open to the world ?
including the other end of the SSH tunnel.
For example if you are listening on localhost then presumably the entire
system is trusted. All applications and processes are good and trusted.
To mitigate the whole problem you might be able to use PostgreSQL 'md5'
authentication type which is challenge-response based. (please
experiment, tcpdump unencrypted connections and prove my claim here).
Ensure to disable all other authentication mechanisms (such as 'password').
With 'md5' it means the data for each authentication attempt is randomly
unique, as the challenge is a random number and the response is based on
the input random number.
This is not subject to replay attack, so the attacker can not repeat the
input and observe the changes on the network, since the input is
different everytime authentication is attempted.
Contrast this with HTTP based cookies (the subject of CRIME) and HTTP
Basic auth, the data is the same every time. (Even HTTP Digest auth is
subject to CRIME since the data can be reused once setup).
Of course seek advice from a paid professional.
Darryl
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager majord...@openssl.org