Computer Science, 2025, Vol. 52, Issue (2): 353-361. doi: 10.11896/jsjkx.231200187

• Information Security •

Improvement of SSH Transport Layer Protocol Based on Chain of Trust

WANG Xingguo1, SUN Yunxiao1, WANG Bailing1,2

  1. 1 School of Computer Science and Technology, Harbin Institute of Technology, Weihai, Shandong 264209, China
    2 Harbin Institute of Technology Research Institute of Cyberspace Security, Harbin 150001, China
  • Received: 2023-12-27 Revised: 2024-05-24 Online: 2025-02-15 Published: 2025-02-17
  • Corresponding author: WANG Bailing (wbl@hit.edu.cn)
  • About author: (wxghitwh@qq.com)
    WANG Xingguo, born in 2000, postgraduate. His main research interests include network security communication protocol, computer network and traffic classification.
    WANG Bailing, born in 1978, Ph.D, professor, Ph.D supervisor, is a member of CCF (No. W6689G). His main research interests include industrial Internet security, information security and financial security.

Abstract: Host keys are the identification of SSH (Secure Shell) servers. Users are required to check host key fingerprints to authenticate SSH servers. However, users often ignore the process of checking fingerprints when using SSH, making man-in-the-middle attacks based on host key replacement possible. In this regard, an improvement scheme for the SSH transport layer protocol is proposed based on the chain of trust. In the scheme, a chain of trust is established by signing the new host key with the old host key. The improved SSH protocol can solve the trust problem of new host keys without the need for users to check fingerprints, so as to achieve identity authentication of servers, which greatly reduces the risk of man-in-the-middle attacks introduced when users do not check fingerprints. Finally, ProVerif is used to formally analyze the improved protocol; the verification results show that the improved protocol satisfies confidentiality and authentication, and can resist man-in-the-middle attacks.

Key words: Secure shell, Chain of trust, Man-in-the-middle attack, Security protocol, Formal analysis
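The chain-of-trust idea in the abstract (the old host key signs the new one), as an added Go example that is not the paper's protocol or code: a client holding a pinned key accepts a rotated key only when every rotation link verifies. The `Link` record, the context label and the use of Ed25519 are assumptions, since this page does not give the message format.

```go
package main

import (
	"bytes"
	"crypto/ed25519"
	"fmt"
)

// Link is a hypothetical rotation record: the previous host key signs the next one.
type Link struct {
	NewKey ed25519.PublicKey
	Sig    []byte
}

// msg binds the signature to this purpose (the label is a constructed value).
func msg(k ed25519.PublicKey) []byte { return append([]byte("hostkey-rotation:"), k...) }

// Rotate is the server side: the outgoing key endorses its successor.
func Rotate(oldPriv ed25519.PrivateKey, newPub ed25519.PublicKey) Link {
	return Link{NewKey: newPub, Sig: ed25519.Sign(oldPriv, msg(newPub))}
}

// VerifyChain is the client side: walk from the pinned key to the presented key.
func VerifyChain(pinned, presented ed25519.PublicKey, chain []Link) error {
	if len(pinned) != ed25519.PublicKeySize {
		return fmt.Errorf("pinned key has invalid length %d", len(pinned))
	}
	cur := pinned
	for i, l := range chain {
		if len(l.NewKey) != ed25519.PublicKeySize || !ed25519.Verify(cur, msg(l.NewKey), l.Sig) {
			return fmt.Errorf("link %d is not signed by the preceding trusted key", i)
		}
		cur = l.NewKey
	}
	if !bytes.Equal(cur, presented) {
		return fmt.Errorf("presented host key is not the end of the verified chain")
	}
	return nil
}

// Demo uses constructed keys k0 -> k1 -> k2 and an unrelated key km.
func Demo() (legit, substituted, selfSigned error) {
	p0, s0, _ := ed25519.GenerateKey(nil)
	p1, s1, _ := ed25519.GenerateKey(nil)
	p2, _, _ := ed25519.GenerateKey(nil)
	pm, sm, _ := ed25519.GenerateKey(nil)
	chain := []Link{Rotate(s0, p1), Rotate(s1, p2)}
	return VerifyChain(p0, p2, chain), VerifyChain(p0, pm, chain), VerifyChain(p0, pm, []Link{Rotate(sm, pm)})
}
func main() { fmt.Println(Demo()) }
```

The first result is `nil` (the rotated key is accepted without a fingerprint prompt); the other two are errors because the unrelated key has no link signed by a key the client already trusts. In this sketch the guarantee rests on the old private keys staying secret, since any previously trusted key can sign a new link.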

CLC Number: TN915.04