Terrapin Attack (CVE-2023-48795)
What is Terrapin Attack (CVE-2023-48795)?
A 2023 prefix-truncation flaw in the SSH transport protocol that allows an active network attacker to silently downgrade or strip extensions during the handshake, weakening features like keystroke timing protection.
The Terrapin attack (CVE-2023-48795), disclosed by Bäumer, Brinkmann, and Schwenk in December 2023, is a prefix-truncation flaw in the SSH binary packet protocol. By manipulating packet sequence numbers during the initial KEX handshake, specifically when ChaCha20-Poly1305 (`chacha20-poly1305@openssh.com`) or a CBC cipher combined with an Encrypt-then-MAC (`-etm`) MAC is in use, a man-in-the-middle attacker can truncate the secure channel's initial messages without the integrity check failing, causing both ends to disagree about which extensions were negotiated. The most cited practical impact is silently disabling extensions such as keystroke-timing obfuscation; the underlying primitive can also weaken implementation-specific authentication features (notably AsyncSSH's CVE-2023-46446). Terrapin spurred quick fixes: OpenSSH 9.6 introduced a strict KEX mode that resets sequence numbers, and most major SSH implementations (Dropbear, libssh, PuTTY, Bitvise, Cisco IOS) followed. Mitigation is to upgrade clients and servers so both negotiate `strict-kex`, and to prefer AES-GCM ciphers, which are unaffected.
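The offer-side preconditions described above, checked against a decoded SSH_MSG_KEXINIT, as an added example that is not part of the original entry or of any SSH project's code: both KEXINIT payloads are constructed here, and the parser handles only the raw KEXINIT payload (RFC 4253 layout), not the outer binary packet framing.

```python
import struct
SSH_MSG_KEXINIT = 20
# Order of the ten name-lists in SSH_MSG_KEXINIT (RFC 4253, section 7.1).
FIELDS = ("kex", "host_key", "enc_c2s", "enc_s2c", "mac_c2s", "mac_s2c",
          "comp_c2s", "comp_s2c", "lang_c2s", "lang_s2c")

def build_kexinit(**lists):
    """Construct a KEXINIT payload for offline testing (zero cookie, unnamed lists empty)."""
    body = bytes([SSH_MSG_KEXINIT]) + b"\x00" * 16
    for name in FIELDS:
        raw = ",".join(lists.get(name, [])).encode("ascii")
        body += struct.pack(">I", len(raw)) + raw
    return body + b"\x00" + struct.pack(">I", 0)  # first_kex_packet_follows, reserved

def parse_kexinit(payload):
    """Decode the name-lists of a raw KEXINIT payload (no binary packet framing)."""
    if payload[0] != SSH_MSG_KEXINIT:
        raise ValueError("not an SSH_MSG_KEXINIT payload")
    pos, lists = 17, {}  # skip message id and the 16-byte cookie
    for name in FIELDS:
        (n,) = struct.unpack_from(">I", payload, pos)
        pos += 4
        lists[name] = [a for a in payload[pos:pos + n].decode("ascii").split(",") if a]
        pos += n
    return lists

def terrapin_exposure(server_kexinit):
    """Does this server offer still permit the Terrapin preconditions?"""
    # Strict KEX protects a session only when both peers advertise it: the server
    # via kex-strict-s-v00@openssh.com, the client via kex-strict-c-v00@openssh.com.
    k = parse_kexinit(server_kexinit)
    strict = "kex-strict-s-v00@openssh.com" in k["kex"]
    encs = set(k["enc_c2s"]) | set(k["enc_s2c"])
    macs = set(k["mac_c2s"]) | set(k["mac_s2c"])
    chacha = "chacha20-poly1305@openssh.com" in encs
    # Any "-cbc" cipher paired with an Encrypt-then-MAC ("-etm") MAC is affected.
    cbc_etm = (any(e.endswith("-cbc") for e in encs)
               and any(m.endswith("-etm@openssh.com") for m in macs))
    return {"strict_kex": strict, "chacha20": chacha, "cbc_etm": cbc_etm,
            "exposed": not strict and (chacha or cbc_etm)}

# Constructed sample offers: an unpatched server and the same host after the fix.
LEGACY = build_kexinit(kex=["curve25519-sha256"], host_key=["ssh-ed25519"],
                       enc_c2s=["chacha20-poly1305@openssh.com", "aes128-cbc"],
                       enc_s2c=["chacha20-poly1305@openssh.com", "aes128-cbc"],
                       mac_c2s=["hmac-sha2-256-etm@openssh.com"],
                       mac_s2c=["hmac-sha2-256-etm@openssh.com"])
PATCHED = build_kexinit(kex=["curve25519-sha256", "kex-strict-s-v00@openssh.com"],
                        host_key=["ssh-ed25519"], enc_c2s=["aes256-gcm@openssh.com"],
                        enc_s2c=["aes256-gcm@openssh.com"], mac_c2s=["hmac-sha2-256"],
                        mac_s2c=["hmac-sha2-256"])
```

Feed `terrapin_exposure` the KEXINIT a real server sends and `exposed` tells you whether a client without strict KEX could still negotiate an affected cipher against it.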
● Examples
- 01
An attacker positioned between two SSH peers truncates the KEX handshake so a keystroke-timing extension never gets negotiated, then mounts a timing attack on the user's password.
- 02
An infrastructure team rolls out OpenSSH 9.6 across all jump hosts; the new `strict-kex` negotiation advertises `kex-strict-s-v00@openssh.com` and blocks the truncation primitive.
● Frequently asked questions
What is Terrapin Attack (CVE-2023-48795)?
A 2023 prefix-truncation flaw in the SSH transport protocol that allows an active network attacker to silently downgrade or strip extensions during the handshake, weakening features like keystroke timing protection. It belongs to the Attacks and Threats category of cybersecurity.
How do you defend against Terrapin Attack (CVE-2023-48795)?
Defending against Terrapin Attack (CVE-2023-48795) typically combines technical controls and operational practices, as described in the definition above.
What are other names for Terrapin Attack (CVE-2023-48795)?
Common aliases: CVE-2023-48795, SSH prefix truncation.
● Related terms
- network-security № 1205
SSH
An encrypted network protocol on port 22, specified in RFC 4251, that provides authenticated, encrypted and integrity-protected remote login, command execution and tunneling even over untrusted networks.
- attacks № 724
Man-in-the-middle attack (MitM)
An attack in which the adversary secretly relays and alters communication between two parties who believe they are talking directly to each other.
- network-security № 1280
TLS handshake
The initial protocol exchange of Transport Layer Security that authenticates the server (and, when required, the client) and derives the symmetric keys that encrypt the rest of the session.
- cryptography № 190
Cipher suite
A named combination of key-exchange, authentication, data-encryption and integrity algorithms, selected per session through negotiation in protocols such as TLS.
- cryptography № 179
ChaCha20-Poly1305
An AEAD construction combining the ChaCha20 stream cipher with the Poly1305 one-time authenticator, standardized in RFC 8439 and adopted in TLS 1.3 and WireGuard.
- attacks № 1211
SSL/TLS downgrade attack
An active man-in-the-middle attack that makes a client and server choose a weaker protocol version, cipher suite or key length, enabling subsequent compromise.