Stealing Secrets with SSL/TLS and SSH -- Kleptographic Attacks

Zbigniew Golebiewski, Miroslaw Kutylowski, Filip Zagorski

We present very simple kleptographic attacks on the SSL/TLS and SSH protocols. They enable a party that has slightly manipulated the code of a cryptographic library to steal the user's secrets. In keeping with the kleptographic attack scenario, the secrets can be stolen only by a party holding a secret key that is not included in the manipulated code. The attacker needs only to record transmissions. The transmitted messages are indistinguishable from unmanipulated ones. The problems are caused by design faults in the SSL/TLS and SSH protocols that make them vulnerable to a kleptographic attack. We propose changes to these protocols that make them immune to this threat while preserving all previous security features.

Keywords: kleptography, SSL, TLS, SSH,