Cryptographic security of SSH encryption schemes

Authors :
Hansen, Torben Brandt
Publication Year :
2020
Publisher :
Royal Holloway, University of London, 2020.

Abstract

SSH is a Swiss Army Knife protocol for creating secure communication links between machines and an indispensable tool for IT professionals. However, its underlying symmetric encryption scheme constructions have not seen the same rigorous analysis as constructions in other popular secure communication protocols. This thesis aims to bridge this gap, providing SSH deployment statistics, new attacks against a number of SSH encryption schemes, a thorough security analysis of several SSH encryption schemes, and development of new SSH encryption schemes that provide better security properties than existing schemes. Firstly, we report on several scans performed targeting publicly accessible SSH servers on the Internet. From these scans, we compile longitudinal SSH statistics evaluating the evolution of preferred SSH encryption scheme, SSH software and SSH version trends. Secondly, we describe several new attacks on SSH encryption schemes in OpenSSH that utilise the CBC encryption mode of operation. These attacks are a result of both inherent weaknesses in CBC-mode and bugs in the OpenSSH implementation. Thirdly, we use the ciphertext fragmentation framework to analyse the concrete cryptographic security of a number of SSH encryption schemes as implemented in OpenSSH. Finally, we develop a practical version of the symmetric encryption scheme InterMAC, implement it and evaluate its security and performance. The implementation is then used to construct InterMAC-based SSH encryption schemes. We evaluate the performance of these new schemes against existing SSH encryption schemes in OpenSSH.

Details

Language :
English
Database :
British Library EThOS
Publication Type :
Dissertation/ Thesis
Accession number :
edsble.855373
Document Type :
Electronic Thesis or Dissertation