OpenSSH 9.9p1/p2 Being Conspicuously Ignored...

One of the most significant OpenSSH updates in recent memory offers a wealth of improvements—yet it is seemingly being ignored. Is this happening by design?

Major Linux distributions have been conspicuously slow to adopt this milestone release, raising questions about the broader approach to implementation.

Now that was one heck of a crash landing (from nypost.com)

---

A Landmark Update for Two Key Reasons

OpenSSH 9.9p1/p2 stands out as a landmark update for two key reasons:

1. its resilience to Post-Quantum Cryptography (PQC) built on hybrid modularity and

2. its ability to address vulnerabilities of earlier releases, including RegreSSHion, tracked as CVE-2024-6387.

This release is feature packed.

The "Distant Future" Fallacy

Quantum computing represents a new yet already formidable challenge to cybersecurity. Today’s quantum computers, so the official narrative, supposedly lack the power to break contemporary encryption. Whether some nation states may already possess such capability, is up for debate.

Planes are falling out of the sky, flipping belly up on landing, losing gear or bursting into flames. Ships are bumping into each other in the middle of the ocean. Is this “extreme weather” or remote access?

Draw your own conclusions.

Quantum Supremacy

Current quantum computers so far supposedly lack the capacity or precision to break cryptographic keys in practice, even if quantum supremacy has been achieved in experimental contexts.

This prevailing narrative suggests that quantum attacks on public key cryptography are a concern for a distant future—implying there's no immediate cause for alarm. We are being led to believe that quantum computers aren’t advancing quickly enough to warrant a panic.

openssh - Fedora Packages

It doesn’t take much to effectively compromise classical cryptography. Quantum computers have become useful for practical computations, owing to their growing number of Qubits and crashing error rates. Their ability to execute Shor's algorithm strikes fear into the hearts of cyber defense experts. This capability goes far beyond mere benchmarks of quantum supremacy.

Quantum chips in the wrong hand could be already screwing with classical cryptography (Image courtesy of Nokia Quantum)

But there is more to cryptography than raw computational power. The other variable is time.

Rogue actors could be employing a “store-now-decrypt-later” strategy, positioning themselves to exploit encrypted data once sufficiently advanced quantum computing becomes more widely available.

Proactive measures like those in OpenSSH 9.9p1/p2 are not just warranted, they are indeed indispensable.

Too bad recent releases of some major Linux distributions went out of their way to ignore the 9.9 update and its critical patches.

Why the Rush? FIPS 203, FIPS 204 and FIPS 205

Why would NIST and the Secretary of Commerce expedite the approval of three Federal Information Processing Standards (FIPS) for post-quantum cryptography, aligning with their self-imposed August 2024 deadline?

Just look at this:

• FIPS 203, Module-Lattice-Based Key-Encapsulation Mechanism Standard,

• FIPS 204, Module-Lattice-Based Digital Signature Standard,

• FIPS 205, Stateless Hash-Based Digital Signature Standard.

Why the rush? Why indeed.

These efforts indicate that quantum threats are being taken seriously at the highest levels of cybersecurity governance. They underscore the importance of preparedness of the digitized economy at large.

The quantum computing race has already begun, and its implications for cybersecurity are profound. As nations and organizations strategize for a quantum-resilient future, adopting post-quantum cryptography is no longer optional—it’s a necessity.

Industry Response and Mitigation

Red Hat Enterprise Linux (RHEL) 10 is stuck with OpenSSH 9.8.

According to IBM, this outdate offers numerous fixes, but calling it an "improvement" seems misleading given its susceptibility to RegreSSHion (CVE-2024-6387).

While Red Hat is known for taking a more conservative approach in its release cycles than other vendors, this tardiness is certainly concerning.

The freeze of OpenSSH at version 9.8 in RHEL 10.0 Beta raises serious questions about the pace of updates in the coveted distribution and the ongoing risks it poses to real-world deployments.

The gravity of existing vulnerabilities has mobilized the cybersecurity community, with vendors and experts emphasizing the need for urgent action. Administrators are strongly advised to:

1. Update OpenSSH immediately to version 9.9p1/p2 or later to address critical vulnerabilities.

2. Review configuration settings to minimize potential exposure.

3. Implement additional safeguards, such as network segmentation and intrusion detection systems (IDS), to detect and mitigate unauthorized access attempts.

Settle for no less than the best.

The Bottom Line

As OpenSSH remains a cornerstone of secure communications, addressing its documented flaws is not optional—it’s an essential step in order to protect against potentially catastrophic breaches. Organizations that rely on OpenSSH must act swiftly to patch their systems and safeguard their infrastructure.

---

Links to Experimental KEMs within the Falcon and SNTRUP Cryptographic Frameworks

Exploring the realm of experimental Key Encapsulation Mechanisms (KEMs) within the Falcon and SNTRUP cryptographic frameworks reveals several noteworthy projects.

• One such initiative is the constant-time hardware implementation of Streamlined NTRU Prime, accessible on GitHub. This project supports parameter sets like sntrup653, sntrup761, and sntrup857, offering experimental synthesis, elaboration, and execution capabilities via GHDL.

  https://github.com/AdrianMarotzke/SNTRUP

• Falcon/SNTRUP Fork with Experimental KEMs
  A smaller but active community fork that merges Falcon, SNTRUP, and other experimental KEMs. Some contributors have tested grid-based approaches (though these are often incomplete or under heavy development).

  • https://github.com/milkey-mouse/openssh-falcon-sntrup

• Another significant endeavor is the 'SNTRUP_on_FPGA' project, which provides a constant-time hardware implementation of Streamlined NTRU Prime tailored for FPGA platforms. This experimental code delivers performance metrics for the sntrup761 parameter set on various hardware configurations.

  https://github.com/AdrianMarotzke/SNTRUP_on_FPGA

• Additionally, the 'BAT: Small and Fast KEM over NTRU Lattices' paper introduces an IND-CCA secure KEM based on NTRU. This scheme boasts compact parameters and practical efficiency, making it particularly appealing for applications utilizing the Falcon signature, renowned for its compactness in the NIST post-quantum cryptography standardization.

  https://eprint.iacr.org/2022/031

These resources offer valuable insights into the experimental landscape of KEMs within the Falcon and SNTRUP frameworks, contributing to the ongoing development and optimization of post-quantum cryptographic solutions.

• PQCrypto Git Repositories
  The PQCrypto.eu.org site occasionally links to user-maintained or experimental forks that feature a variety of lesser-known KEM proposals, including some that are grid-based. While there is no single “official” ML-KEM build hosted here, the site’s resources and mailing list archives can point you toward experimental forks in active development.

  • https://pqcrypto.eu.org/

• OpenSSH-Unix-Dev Mailing List Archives
  Developers sometimes share patches or references to private repositories on the OpenSSH-Unix-Dev mailing list. Searching for recent threads discussing “ML-KEM,” “grid-based KEM,” or “experimental PQ patches” may reveal new or updated forks.

  • https://marc.info/?l=openssh-unix-dev

Because these experiments are still a work in progress, expect them to be unstable. Be sure to follow any build instructions in their respective READMEs and proceed with caution if you plan to deploy them in a production-like environment.

---

---