Tampere University of Technology

TUTCRIS Research Portal

The time will tell on you: Exploring information leaks in SSH public key authentication

Research output: Chapter in Book/Report/Conference proceedingConference contributionScientificpeer-review


Original languageEnglish
Title of host publicationNetwork and System Security
Subtitle of host publication11th International Conference, NSS 2017, Helsinki, Finland, August 21–23, 2017, Proceedings
Number of pages14
ISBN (Electronic)978-3-319-64701-2
ISBN (Print)978-3-319-64700-5
Publication statusPublished - 2017
Publication typeA4 Article in a conference publication
EventInternational Conference on Network and System Security -
Duration: 1 Jan 2000 → …

Publication series

NameLecture Notes in Computer Science
ISSN (Print)0302-9743
ISSN (Electronic)1611-3349


ConferenceInternational Conference on Network and System Security
Period1/01/00 → …


SSH client public key authentication method is one of the most used public key client authentication methods. Despite its popularity, the precise protocol is not very well known, and even advanced users may have misconceptions of its functionality. We describe the SSH public key authentication protocol, and identify potential weak points for client privacy. We further review parts of the OpenSSH implementation of the protocol, and identify possible timing attack information leaks. To evaluate the severity of these leaks we built a modified SSH-library that can be used to query the authentication method with arbitary public key blobs and measure the response time. We then use the resulting query timing differences to enumerate valid users and their key types. Furthermore, to advance the knowledge on remote timing attacks, we study the timing signal exploitability over a Tor Hidden Service (HS) connection and present filtering methods that make the attack twice as effective in the HS setting.

Publication forum classification

Field of science, Statistics Finland