"Unprecedented Attack: Cryptographic Keys Safeguarding SSH Connections Compromised"
Researchers have discovered a vulnerability in the cryptographic keys used to protect data in computer-to-server SSH traffic, which can be compromised when computational errors occur during connection establishment. The vulnerability affects RSA keys and has been found in approximately one-third of the SSH signatures examined, exposing the private key of the host in about one in a million cases. This finding is surprising because most SSH software has deployed countermeasures to prevent such attacks, and it was previously believed that signature faults only affected RSA keys used in TLS protocols.
