{"id":"https://openalex.org/W4415087351","doi":"https://doi.org/10.1145/3719027.3765208","title":"Finding SSH Strict Key Exchange Violations by State Learning","display_name":"Finding SSH Strict Key Exchange Violations by State Learning","publication_year":2025,"publication_date":"2025-11-19","ids":{"openalex":"https://openalex.org/W4415087351","doi":"https://doi.org/10.1145/3719027.3765208"},"language":"en","primary_location":{"id":"doi:10.1145/3719027.3765208","is_oa":true,"landing_page_url":"https://doi.org/10.1145/3719027.3765208","pdf_url":null,"source":null,"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 2025 ACM SIGSAC Conference on Computer and Communications Security","raw_type":"proceedings-article"},"type":"preprint","indexed_in":["arxiv","crossref"],"open_access":{"is_oa":true,"oa_status":"gold","oa_url":"https://doi.org/10.1145/3719027.3765208","any_repository_has_fulltext":true},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5093551583","display_name":"Fabian B\u00e4umer","orcid":"https://orcid.org/0009-0006-5569-6625"},"institutions":[{"id":"https://openalex.org/I904495901","display_name":"Ruhr University Bochum","ror":"https://ror.org/04tsk2644","country_code":"DE","type":"education","lineage":["https://openalex.org/I904495901"]}],"countries":["DE"],"is_corresponding":true,"raw_author_name":"Fabian B\u00e4umer","raw_affiliation_strings":["Ruhr University Bochum, Bochum, Germany"],"affiliations":[{"raw_affiliation_string":"Ruhr University Bochum, Bochum, Germany","institution_ids":["https://openalex.org/I904495901"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5119958453","display_name":"Marcel Maehren","orcid":"https://orcid.org/0009-0002-8964-826X"},"institutions":[{"id":"https://openalex.org/I904495901","display_name":"Ruhr University Bochum","ror":"https://ror.org/04tsk2644","country_code":"DE","type":"education","lineage":["https://openalex.org/I904495901"]}],"countries":["DE"],"is_corresponding":false,"raw_author_name":"Marcel Maehren","raw_affiliation_strings":["Ruhr University Bochum, Bochum, Germany"],"affiliations":[{"raw_affiliation_string":"Ruhr University Bochum, Bochum, Germany","institution_ids":["https://openalex.org/I904495901"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5101417857","display_name":"Marcus Brinkmann","orcid":"https://orcid.org/0000-0001-5649-6357"},"institutions":[{"id":"https://openalex.org/I904495901","display_name":"Ruhr University Bochum","ror":"https://ror.org/04tsk2644","country_code":"DE","type":"education","lineage":["https://openalex.org/I904495901"]}],"countries":["DE"],"is_corresponding":false,"raw_author_name":"Marcus Brinkmann","raw_affiliation_strings":["Ruhr University Bochum, Bochum, Germany"],"affiliations":[{"raw_affiliation_string":"Ruhr University Bochum, Bochum, Germany","institution_ids":["https://openalex.org/I904495901"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5053201224","display_name":"J\u00f6rg Schwenk","orcid":"https://orcid.org/0000-0001-9315-7354"},"institutions":[{"id":"https://openalex.org/I904495901","display_name":"Ruhr University Bochum","ror":"https://ror.org/04tsk2644","country_code":"DE","type":"education","lineage":["https://openalex.org/I904495901"]}],"countries":["DE"],"is_corresponding":false,"raw_author_name":"J\u00f6rg Schwenk","raw_affiliation_strings":["Ruhr University Bochum, Bochum, Germany"],"affiliations":[{"raw_affiliation_string":"Ruhr University Bochum, Bochum, Germany","institution_ids":["https://openalex.org/I904495901"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":4,"corresponding_author_ids":["https://openalex.org/A5093551583"],"corresponding_institution_ids":["https://openalex.org/I904495901"],"apc_list":null,"apc_paid":null,"fwci":1.4888,"has_fulltext":false,"cited_by_count":1,"citation_normalized_percentile":{"value":0.87670809,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":96,"max":99},"biblio":{"volume":null,"issue":null,"first_page":"246","last_page":"260"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11504","display_name":"Advanced Authentication Protocols Security","score":0.9294000267982483,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11504","display_name":"Advanced Authentication Protocols Security","score":0.9294000267982483,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10237","display_name":"Cryptography and Data Security","score":0.9117000102996826,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/handshake","display_name":"Handshake","score":0.8919000029563904},{"id":"https://openalex.org/keywords/key","display_name":"Key (lock)","score":0.6154999732971191},{"id":"https://openalex.org/keywords/state","display_name":"State (computer science)","score":0.5551000237464905},{"id":"https://openalex.org/keywords/session","display_name":"Session (web analytics)","score":0.4968000054359436},{"id":"https://openalex.org/keywords/server","display_name":"Server","score":0.4943999946117401},{"id":"https://openalex.org/keywords/key-exchange","display_name":"Key exchange","score":0.4562000036239624},{"id":"https://openalex.org/keywords/implementation","display_name":"Implementation","score":0.4514999985694885},{"id":"https://openalex.org/keywords/session-key","display_name":"Session key","score":0.4422000050544739}],"concepts":[{"id":"https://openalex.org/C2778000800","wikidata":"https://www.wikidata.org/wiki/Q830043","display_name":"Handshake","level":3,"score":0.8919000029563904},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.7649999856948853},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.6287999749183655},{"id":"https://openalex.org/C26517878","wikidata":"https://www.wikidata.org/wiki/Q228039","display_name":"Key (lock)","level":2,"score":0.6154999732971191},{"id":"https://openalex.org/C48103436","wikidata":"https://www.wikidata.org/wiki/Q599031","display_name":"State (computer science)","level":2,"score":0.5551000237464905},{"id":"https://openalex.org/C2779182362","wikidata":"https://www.wikidata.org/wiki/Q17126187","display_name":"Session (web analytics)","level":2,"score":0.4968000054359436},{"id":"https://openalex.org/C93996380","wikidata":"https://www.wikidata.org/wiki/Q44127","display_name":"Server","level":2,"score":0.4943999946117401},{"id":"https://openalex.org/C99674996","wikidata":"https://www.wikidata.org/wiki/Q1414155","display_name":"Key exchange","level":4,"score":0.4562000036239624},{"id":"https://openalex.org/C26713055","wikidata":"https://www.wikidata.org/wiki/Q245962","display_name":"Implementation","level":2,"score":0.4514999985694885},{"id":"https://openalex.org/C191197275","wikidata":"https://www.wikidata.org/wiki/Q1755775","display_name":"Session key","level":3,"score":0.4422000050544739},{"id":"https://openalex.org/C2780385302","wikidata":"https://www.wikidata.org/wiki/Q367158","display_name":"Protocol (science)","level":3,"score":0.3905999958515167},{"id":"https://openalex.org/C203062551","wikidata":"https://www.wikidata.org/wiki/Q201339","display_name":"Public-key cryptography","level":3,"score":0.38679999113082886},{"id":"https://openalex.org/C167822520","wikidata":"https://www.wikidata.org/wiki/Q176452","display_name":"Finite-state machine","level":2,"score":0.36500000953674316},{"id":"https://openalex.org/C148176105","wikidata":"https://www.wikidata.org/wiki/Q206494","display_name":"Transport Layer Security","level":3,"score":0.3540000021457672},{"id":"https://openalex.org/C31258907","wikidata":"https://www.wikidata.org/wiki/Q1301371","display_name":"Computer network","level":1,"score":0.3384999930858612},{"id":"https://openalex.org/C80444323","wikidata":"https://www.wikidata.org/wiki/Q2878974","display_name":"Theoretical computer science","level":1,"score":0.3278999924659729},{"id":"https://openalex.org/C2778029271","wikidata":"https://www.wikidata.org/wiki/Q5421931","display_name":"Extension (predicate logic)","level":2,"score":0.2906999886035919},{"id":"https://openalex.org/C181062253","wikidata":"https://www.wikidata.org/wiki/Q5421886","display_name":"Extended finite-state machine","level":3,"score":0.2833999991416931},{"id":"https://openalex.org/C29524669","wikidata":"https://www.wikidata.org/wiki/Q623447","display_name":"Diffie\u2013Hellman key exchange","level":5,"score":0.27639999985694885},{"id":"https://openalex.org/C33884865","wikidata":"https://www.wikidata.org/wiki/Q1254335","display_name":"Cryptographic protocol","level":3,"score":0.2752000093460083},{"id":"https://openalex.org/C178489894","wikidata":"https://www.wikidata.org/wiki/Q8789","display_name":"Cryptography","level":2,"score":0.2655999958515167},{"id":"https://openalex.org/C126266803","wikidata":"https://www.wikidata.org/wiki/Q7074169","display_name":"Oakley protocol","level":5,"score":0.26010000705718994},{"id":"https://openalex.org/C88520388","wikidata":"https://www.wikidata.org/wiki/Q1126823","display_name":"SSH File Transfer Protocol","level":4,"score":0.2565999925136566}],"mesh":[],"locations_count":2,"locations":[{"id":"doi:10.1145/3719027.3765208","is_oa":true,"landing_page_url":"https://doi.org/10.1145/3719027.3765208","pdf_url":null,"source":null,"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 2025 ACM SIGSAC Conference on Computer and Communications Security","raw_type":"proceedings-article"},{"id":"pmh:oai:arXiv.org:2509.10895","is_oa":true,"landing_page_url":"http://arxiv.org/abs/2509.10895","pdf_url":"https://arxiv.org/pdf/2509.10895","source":{"id":"https://openalex.org/S4393918464","display_name":"ArXiv.org","issn_l":"2331-8422","issn":["2331-8422"],"is_oa":true,"is_in_doaj":false,"is_core":false,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":null,"raw_type":"text"}],"best_oa_location":{"id":"doi:10.1145/3719027.3765208","is_oa":true,"landing_page_url":"https://doi.org/10.1145/3719027.3765208","pdf_url":null,"source":null,"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 2025 ACM SIGSAC Conference on Computer and Communications Security","raw_type":"proceedings-article"},"sustainable_development_goals":[],"awards":[],"funders":[],"has_content":{"grobid_xml":false,"pdf":false},"content_urls":null,"referenced_works_count":0,"referenced_works":[],"related_works":[],"abstract_inverted_index":{"SSH":[0,43,80,107,148,191,204,256,262,282],"is":[1,126,149],"an":[2,46,79,121,190],"important":[3],"protocol":[4],"for":[5,209],"secure":[6],"remote":[7,273],"shell":[8],"access":[9],"to":[10,82,88,178,211],"servers":[11],"on":[12,25,29,153],"the":[13,22,30,36,65,68,75,97,116,129,135,138,143,173,181,186,200,227,235,253,260,265,277,281],"Internet.":[14],"At":[15],"USENIX":[16],"2024,":[17],"B\u00e4umer":[18],"et":[19],"al.":[20],"presented":[21],"Terrapin":[23,174],"attack":[24,251],"SSH,":[26,154],"which":[27,113],"relies":[28],"attacker":[31],"injecting":[32],"optional":[33,60,157],"messages":[34,61,133,167],"during":[35,64],"key":[37,53,213],"exchange.":[38],"To":[39],"mitigate":[40],"this":[41,72,93],"attack,":[42],"vendors":[44],"adopted":[45],"extension":[47],"developed":[48],"by":[49,128],"OpenSSH":[50],"called":[51],"strict":[52,58,103,195,207,236],"exchange":[54,214],"(''strict":[55],"KEX'').":[56],"With":[57],"KEX,":[59],"are":[62,168],"forbidden":[63],"handshake,":[66],"preventing":[67],"attack.":[69,175],"In":[70,92,123,216],"practice,":[71,124],"should":[73],"simplify":[74],"state":[76,111,118,139,145,163,183,221],"machine":[77,119,146,184],"of":[78,90,102,120,131,137,147,172,185,189,202,264,280],"handshake":[81,187],"a":[83,161,169,248],"linear":[84],"message":[85],"flow":[86],"similar":[87],"that":[89,231],"TLS.":[91],"work,":[94],"we":[95,218],"analyze":[96],"design,":[98],"implementation,":[99],"and":[100,134,239,270],"security":[101,201,243,278],"KEX":[104,196,208,237],"in":[105,226,247,252,276],"popular":[106],"servers,":[108],"using":[109],"black-box":[110],"learning,":[112],"can":[114],"uncover":[115],"hidden":[117],"implementation.":[122,257],"it":[125],"limited":[127],"number":[130],"learned":[132],"complexity":[136],"machine.":[140,164],"Thus,":[141],"learning":[142,159],"complete":[144,182],"infeasible.":[150],"Previous":[151],"research":[152],"therefore,":[155],"excluded":[156],"messages,":[158],"only":[160],"partial":[162],"However,":[165],"these":[166],"critical":[170,242],"part":[171],"We":[176,198,229],"propose":[177],"instead":[179],"learn":[180,219],"phase":[188],"server,":[192],"but":[193],"with":[194],"enabled.":[197],"investigate":[199],"ten":[203],"implementations":[205,233],"supporting":[206],"up":[210],"five":[212],"algorithms.":[215],"total,":[217],"33":[220],"machines,":[222],"revealing":[223],"significant":[224],"differences":[225],"implementations.":[228],"show":[230],"seven":[232],"violate":[234],"specification":[238],"find":[240],"two":[241],"vulnerabilities.":[244],"One":[245],"results":[246],"rogue":[249],"session":[250],"proprietary":[254],"Tectia":[255],"Another":[258],"affects":[259],"official":[261],"implementation":[263],"Erlang":[266],"Open":[267],"Telecom":[268],"Platform,":[269],"enables":[271],"unauthenticated":[272],"code":[274],"execution":[275],"context":[279],"server.":[283]},"counts_by_year":[{"year":2026,"cited_by_count":1}],"updated_date":"2026-03-27T05:58:40.876381","created_date":"2025-10-12T00:00:00"}