SSH and Terrapin attack

0 votes
The terrapin attack works by inserting an IGNORE message that misaligns the sequence numbers, which then allows the attacker to drop an important message, after which the sequence numbers align again.

This makes the following question come up: If the mismatched sequence numbers (between the IGNORE and dropped message) are not detected, why do we even have to make sure that the sequence numbers align after the dropped message?
by
edit history

1 Answer

0 votes
During the handshake phase, the sequence numbers are allowed to misalign as they are not included in the signature (as well as the IGNORE message).

To protect the application data, the sequence numbers are used within the MAC computation, though. So then they have to align again. To achieve this, the attacker can now drop the first message from the server to the client. Afterwards, the sequence numbers align again, and the MAC computation works.

I hope this helps :)
by (1.2k points)
edit history