OpenSSH Moves to Prevent ‘Capture Now, Decrypt Later’ Attacks
OpenSSH has joined the high-stakes fight to protect data from quantum computers.
The latest version of the widely used encryption and connectivity tool has been fitted with new features to prevent “capture now, decrypt later” attacks linked to advancements in quantum computing.
Security experts warn that advanced threat actors are already stealing and storing encrypted data for a future when quantum computers are capable of cracking all known encryption algorithms and the latest moves by OpenSSH is meant to proactively address these risks.
According to notes published alongside the release of OpenSSH 9.0, the open-source group will now use the hybrid Streamlined NTRU Prime + x25519 key exchange method by default, a move that includes a backstop against future discoveries of flaws in the NTRU algorithm.
“The NTRU algorithm is believed to resist attacks enabled by future quantum computers and is paired with the X25519 ECDH key exchange (the previous default) as a backstop against any weaknesses in NTRU Prime that may be discovered in the future. The combination ensures that the hybrid exchange offers at least as good security as the status quo,” OpenSSH explained.
“We are making this change now (i.e. ahead of cryptographically-relevant quantum computers) to prevent “capture now, decrypt later” attacks where an adversary who can record and store SSH session ciphertext would be able to decrypt it once a sufficiently advanced quantum computer is available,” it added.
OpenSSH is considered the default connectivity tool for remote login with the SSH protocol. It is used to encrypt all traffic to eliminate eavesdropping and connection hijacking.