{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,6,13]],"date-time":"2026-06-13T05:43:21Z","timestamp":1781329401818,"version":"3.54.1"},"publisher-location":"New York, NY, USA","reference-count":65,"publisher":"ACM","funder":[{"DOI":"10.13039\/501100001659","name":"Deutsche Forschungsgemeinschaft","doi-asserted-by":"publisher","award":["390781972"],"award-info":[{"award-number":["390781972"]}],"id":[{"id":"10.13039\/501100001659","id-type":"DOI","asserted-by":"publisher"}]},{"DOI":"10.13039\/501100002347","name":"Bundesministerium f\u00fcr Bildung und Forschung","doi-asserted-by":"publisher","award":["16KIS1557"],"award-info":[{"award-number":["16KIS1557"]}],"id":[{"id":"10.13039\/501100002347","id-type":"DOI","asserted-by":"publisher"}]}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2025,11,19]]},"DOI":"10.1145\/3719027.3765079","type":"proceedings-article","created":{"date-parts":[[2025,11,22]],"date-time":"2025-11-22T23:42:02Z","timestamp":1763854922000},"page":"4619-4633","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":1,"title":["On the Security of SSH Client Signatures"],"prefix":"10.1145","author":[{"ORCID":"https:\/\/orcid.org\/0009-0006-5569-6625","authenticated-orcid":false,"given":"Fabian","family":"B\u00e4umer","sequence":"first","affiliation":[{"name":"Ruhr University Bochum, Bochum, Germany"}],"role":[{"vocabulary":"crossref","role":"author"}]},{"ORCID":"https:\/\/orcid.org\/0000-0001-5649-6357","authenticated-orcid":false,"given":"Marcus","family":"Brinkmann","sequence":"additional","affiliation":[{"name":"Ruhr University Bochum, Bochum, Germany"}],"role":[{"vocabulary":"crossref","role":"author"}]},{"ORCID":"https:\/\/orcid.org\/0009-0005-3059-6823","authenticated-orcid":false,"given":"Maximilian","family":"Radoy","sequence":"additional","affiliation":[{"name":"Paderborn University, Paderborn, Germany"}],"role":[{"vocabulary":"crossref","role":"author"}]},{"ORCID":"https:\/\/orcid.org\/0000-0001-9315-7354","authenticated-orcid":false,"given":"J\u00f6rg","family":"Schwenk","sequence":"additional","affiliation":[{"name":"Ruhr University Bochum, Bochum, Germany"}],"role":[{"vocabulary":"crossref","role":"author"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-3593-7720","authenticated-orcid":false,"given":"Juraj","family":"Somorovsky","sequence":"additional","affiliation":[{"name":"Paderborn University, Paderborn, Germany"}],"role":[{"vocabulary":"crossref","role":"author"}]}],"member":"320","published-online":{"date-parts":[[2025,11,22]]},"reference":[{"key":"e_1_3_2_2_1_1","doi-asserted-by":"publisher","DOI":"10.1145\/2976749.2978364"},{"key":"e_1_3_2_2_2_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-030-77870-5_19"},{"key":"e_1_3_2_2_3_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2009.5"},{"key":"e_1_3_2_2_4_1","volume-title":"DEF CON 2018","author":"Amiet Nils","year":"2018","unstructured":"Nils Amiet and Yolan Romailler. 2018. Reaping and breaking keys at scale: when crypto meets big data. Presented at DEF CON 2018. https:\/\/research.kudelskisecurity.com\/wp-content\/uploads\/2018\/08\/amiet-romailler-reaping-keys-final-slides.pdf accessed: 2025-09-09."},{"key":"e_1_3_2_2_5_1","doi-asserted-by":"publisher","DOI":"10.1007\/3-540-36400-5_20"},{"key":"e_1_3_2_2_6_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-319-47238-6_6"},{"key":"e_1_3_2_2_7_1","doi-asserted-by":"crossref","unstructured":"Elaine Barker. 2006. Recommendation for Obtaining Assurances for Digital Signature Applications. Technical Report NIST Special Publication (SP) 800-89. National Institute of Standards and Technology Gaithersburg MD. https:\/\/doi.org\/10.6028\/NIST.SP.800-89","DOI":"10.6028\/NIST.SP.800-89"},{"key":"e_1_3_2_2_8_1","doi-asserted-by":"crossref","unstructured":"Elaine Barker. 2018. Recommendation for Pair-Wise Key-Establishment Schemes Using Discrete Logarithm Cryptography. Technical Report NIST Special Publication (SP) 800-56a. National Institute of Standards and Technology Gaithersburg MD. https:\/\/doi.org\/10.6028\/NIST.SP.800-56Ar3","DOI":"10.6028\/NIST.SP.800-56Ar3"},{"key":"e_1_3_2_2_9_1","volume-title":"Terrapin Attack: Breaking SSH Channel Integrity By Sequence Number Manipulation. In USENIX Security","author":"B\u00e4umer Fabian","year":"2024","unstructured":"Fabian B\u00e4umer, Marcus Brinkmann, and J\u00f6rg Schwenk. 2024. Terrapin Attack: Breaking SSH Channel Integrity By Sequence Number Manipulation. In USENIX Security 2024, Davide Balzarotti and Wenyuan Xu (Eds.). USENIX Association, Philadelphia, PA, USA. https:\/\/www.usenix.org\/conference\/usenixsecurity24\/presentation\/b%C3%A4umer"},{"key":"e_1_3_2_2_10_1","doi-asserted-by":"publisher","DOI":"10.1145\/586110.586112"},{"key":"e_1_3_2_2_11_1","unstructured":"Luciano Bello. 2008. CVE-2008-0166. Available from MITRE CVE-ID CVE-2008-0166. https:\/\/cve.mitre.org\/cgi-bin\/cvename.cgi?name=cve-2008-0166 accessed: 2025-07-23."},{"key":"e_1_3_2_2_12_1","unstructured":"Daniel J Bernstein. 2004. How to find smooth parts of integers. https:\/\/cr.yp.to\/papers.html#smoothparts accessed: 2025-04-14."},{"key":"e_1_3_2_2_13_1","doi-asserted-by":"publisher","DOI":"10.14722\/ndss.2016.23418"},{"key":"e_1_3_2_2_14_1","doi-asserted-by":"publisher","unstructured":"Denis Bider. 2018. Extension Negotiation in the Secure Shell (SSH) Protocol. RFC 8308. https:\/\/doi.org\/10.17487\/RFC8308","DOI":"10.17487\/RFC8308"},{"key":"e_1_3_2_2_15_1","unstructured":"Hanno B\u00f6ck. 2023. Fermat Factorization in the Wild. Cryptology ePrint Archive Report 2023\/026. https:\/\/eprint.iacr.org\/2023\/026"},{"key":"e_1_3_2_2_16_1","doi-asserted-by":"publisher","DOI":"10.1007\/s001450010016"},{"key":"e_1_3_2_2_17_1","doi-asserted-by":"publisher","DOI":"10.1007\/3-540-68697-5_11"},{"key":"e_1_3_2_2_18_1","unstructured":"Fabrice Boudot Pierrick Gaudry Aurore Guillevic Nadia Heninger Emmanuel Thom\u00e9 and Paul Zimmermann. 2019. 795-bit factoring and discrete logarithms. https:\/\/caramba.loria.fr\/dlp240-rsa240.txt accessed: 2025-04-14."},{"key":"e_1_3_2_2_19_1","unstructured":"Fabrice Boudot Pierrick Gaudry Aurore Guillevic Nadia Heninger Emmanuel Thom\u00e9 and Paul Zimmermann. 2020. Factorization of RSA-250. https:\/\/sympa.inria.fr\/sympa\/arc\/cado-nfs\/2020-02\/msg00001.html accessed: 2025-04-14."},{"key":"e_1_3_2_2_20_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-030-32101-7_1"},{"key":"e_1_3_2_2_21_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-030-95312-6_8"},{"key":"e_1_3_2_2_22_1","unstructured":"Ben Cartwright-Cox. 2015. Auditing GitHub users' SSH key quality. https:\/\/blog.benjojo.co.uk\/post\/auditing-github-users-keys accessed: 2025-04-14."},{"key":"e_1_3_2_2_23_1","doi-asserted-by":"publisher","unstructured":"Lily Chen Dustin Moody Karen Randall Andrew Regenscheid and Angela Robinson. 2023. Recommendations for Discrete Logarithm-based Cryptography: Elliptic Curve Domain Parameters. https:\/\/doi.org\/10.6028\/NIST.SP.800-186","DOI":"10.6028\/NIST.SP.800-186"},{"key":"e_1_3_2_2_24_1","unstructured":"Cryptosense. 2015. Batch-GCDing GitHub SSH Keys. https:\/\/web.archive.org\/web\/20161119145246\/https:\/\/cryptosense.com\/batch-gcding-github-ssh-keys\/ accessed: 2025-04-14."},{"key":"e_1_3_2_2_25_1","unstructured":"Wei Dai. 2002. email to IETF mailing list. https:\/\/www.ietf.org\/ietf-ftp\/ietf-mail-archive\/secsh\/2002-02.mail accessed: 2025-09-09."},{"key":"e_1_3_2_2_26_1","unstructured":"Hal Finney. 2006. Bleichenbacher's RSA signature forgery based on implementation error. https:\/\/mailarchive.ietf.org\/arch\/msg\/openpgp\/5rnE9ZRN1AokBVj3VqblGlP63QE accessed: 2025-07-23."},{"key":"e_1_3_2_2_27_1","doi-asserted-by":"publisher","DOI":"10.1145\/3092282.3092289"},{"key":"e_1_3_2_2_28_1","unstructured":"CA\/Browser Forum. 2024. Baseline Requirements for the Issuance and Management of Publicly-Trusted TLS Server Certificates. https:\/\/cabforum.org\/working-groups\/server\/baseline-requirements\/documents\/CA-Browser-Forum-TLS-BR-2.1.2.pdf accessed: 2025-04-14."},{"key":"e_1_3_2_2_29_1","doi-asserted-by":"publisher","DOI":"10.1109\/NOMS.2014.6838249"},{"key":"e_1_3_2_2_30_1","unstructured":"GitHub Inc. 2025. Using SSH agent forwarding. https:\/\/docs.github.com\/en\/authentication\/connecting-to-github-with-ssh\/using-ssh-agent-forwarding accessed: 2025-04-14."},{"key":"e_1_3_2_2_31_1","unstructured":"Artem Golubin. 2019. Public SSH keys can leak your private infrastructure. https:\/\/rushter.com\/blog\/public-ssh-keys\/ accessed: 2025-09-09."},{"key":"e_1_3_2_2_32_1","doi-asserted-by":"publisher","DOI":"10.1145\/2987443.2987486"},{"key":"e_1_3_2_2_33_1","volume-title":"USENIX Security","author":"Heninger Nadia","year":"2012","unstructured":"Nadia Heninger, Zakir Durumeric, Eric Wustrow, and J. Alex Halderman. 2012. Mining Your Ps and Qs: Detection of Widespread Weak Keys in Network Devices. In USENIX Security 2012, Tadayoshi Kohno (Ed.). USENIX Association, Bellevue, WA, USA, 205-220. https:\/\/www.usenix.org\/conference\/usenixsecurity12\/technical-sessions\/presentation\/heninger"},{"key":"e_1_3_2_2_34_1","volume-title":"RSA Challenge List","author":"RSA Security Inc.","unstructured":"RSA Security Inc., 1994. RSA Challenge List. http:\/\/www.ontko.com\/pub\/rayo\/primes\/rsa_fact.html accessed: 2025-04-14."},{"key":"e_1_3_2_2_35_1","volume-title":"LZR: Identifying Unexpected Internet Services. In USENIX Security","author":"Izhikevich Liz","year":"2021","unstructured":"Liz Izhikevich, Renata Teixeira, and Zakir Durumeric. 2021. LZR: Identifying Unexpected Internet Services. In USENIX Security 2021, Michael Bailey and Rachel Greenstadt (Eds.). USENIX Association, 3111-3128. https:\/\/www.usenix.org\/conference\/usenixsecurity21\/presentation\/izhikevich"},{"key":"e_1_3_2_2_36_1","doi-asserted-by":"publisher","DOI":"10.1145\/2508859.2516719"},{"key":"e_1_3_2_2_37_1","doi-asserted-by":"publisher","unstructured":"Simon Josefsson and Ilari Liusvaara. 2017. Edwards-Curve Digital Signature Algorithm (EdDSA). RFC 8032. https:\/\/doi.org\/10.17487\/RFC8032","DOI":"10.17487\/RFC8032"},{"key":"e_1_3_2_2_38_1","doi-asserted-by":"publisher","DOI":"10.1109\/EUROCON.2013.6624967"},{"key":"e_1_3_2_2_39_1","volume-title":"Factoring integers with elliptic curves. Annals of mathematics","author":"Lenstra Hendrik W","year":"1987","unstructured":"Hendrik W Lenstra Jr. 1987. Factoring integers with elliptic curves. Annals of mathematics (1987), 649-673."},{"key":"e_1_3_2_2_40_1","doi-asserted-by":"publisher","DOI":"10.17487\/RFC4250"},{"key":"e_1_3_2_2_41_1","doi-asserted-by":"publisher","DOI":"10.17487\/RFC4252"},{"key":"e_1_3_2_2_42_1","doi-asserted-by":"publisher","DOI":"10.17487\/RFC4254"},{"key":"e_1_3_2_2_43_1","doi-asserted-by":"publisher","DOI":"10.17487\/RFC4251"},{"key":"e_1_3_2_2_44_1","doi-asserted-by":"publisher","DOI":"10.17487\/RFC4253"},{"key":"e_1_3_2_2_45_1","doi-asserted-by":"publisher","DOI":"10.5815\/ijcnis.2016.09.03"},{"key":"e_1_3_2_2_46_1","unstructured":"Damien Miller. 2024. SSH Agent Protocol. Internet-Draft draft-ietf-sshm-ssh-agent-01. Internet Engineering Task Force. https:\/\/datatracker.ietf.org\/doc\/draft-ietf-sshm-ssh-agent\/01\/ Work in Progress."},{"key":"e_1_3_2_2_47_1","unstructured":"Damien Miller and Markus Friedl. 2020. This document describes OpenSSH's support for U2F\/FIDO security keys. https:\/\/cvsweb.openbsd.org\/cgi-bin\/cvsweb\/src\/usr.bin\/ssh\/PROTOCOL.u2f?rev=1.26 accessed: 2025-04-14."},{"key":"e_1_3_2_2_48_1","doi-asserted-by":"publisher","DOI":"10.1145\/3133956.3133969"},{"key":"e_1_3_2_2_49_1","doi-asserted-by":"publisher","DOI":"10.6028\/NIST.FIPS.186-4"},{"key":"e_1_3_2_2_50_1","doi-asserted-by":"publisher","DOI":"10.6028\/NIST.FIPS.186-5"},{"key":"e_1_3_2_2_51_1","volume-title":"USENIX Workshop on Large-Scale Exploits and Emergent Threats (LEET). 8.","author":"Owens Jim","year":"2008","unstructured":"Jim Owens and Jeanna Matthews. 2008. A study of passwords and methods used in brute-force SSH attacks. In USENIX Workshop on Large-Scale Exploits and Emergent Threats (LEET). 8."},{"key":"e_1_3_2_2_52_1","volume-title":"Materials & Continua","volume":"68","author":"Park Jeonghoon","year":"2021","unstructured":"Jeonghoon Park, Jinsu Kim, Brij B Gupta, and Namje Park. 2021. Network log-based SSH brute-force attack detection model. Computers, Materials & Continua, Vol. 68, 1 (2021)."},{"key":"e_1_3_2_2_53_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-642-13190-5_18"},{"key":"e_1_3_2_2_54_1","volume-title":"Wagner","author":"Piet Julien","year":"2023","unstructured":"Julien Piet, Aashish Sharma, Vern Paxson, and David A. Wagner. 2023. Network Detection of Interactive SSH Impostors Using Deep Learning. In USENIX Security 2023, Joseph A. Calandrino and Carmela Troncoso (Eds.). USENIX Association, Anaheim, CA, USA, 4283-4300. https:\/\/www.usenix.org\/conference\/usenixsecurity23\/presentation\/piet"},{"key":"e_1_3_2_2_55_1","doi-asserted-by":"publisher","DOI":"10.1109\/EuroSP.2018.00031"},{"key":"e_1_3_2_2_56_1","volume-title":"Monte Carlo methods for index computation (mod p). Mathematics of computation","author":"Pollard John M","year":"1978","unstructured":"John M Pollard. 1978. Monte Carlo methods for index computation (mod p). Mathematics of computation, Vol. 32, 143 (1978), 918-924."},{"key":"e_1_3_2_2_57_1","doi-asserted-by":"publisher","unstructured":"Thomas Pornin. 2013. Deterministic Usage of the Digital Signature Algorithm (DSA) and Elliptic Curve Digital Signature Algorithm (ECDSA). RFC 6979. https:\/\/doi.org\/10.17487\/RFC6979","DOI":"10.17487\/RFC6979"},{"key":"e_1_3_2_2_58_1","volume-title":"ScanSSH: Scanning the Internet for SSH Servers. In 15th Systems Administration Conference (LISA 2001","author":"Provos Niels","year":"2001","unstructured":"Niels Provos and Peter Honeyman. 2001. ScanSSH: Scanning the Internet for SSH Servers. In 15th Systems Administration Conference (LISA 2001). USENIX Association, San Diego, CA. https:\/\/www.usenix.org\/conference\/lisa-2001\/scanssh-scanning-internet-ssh-servers"},{"key":"e_1_3_2_2_59_1","doi-asserted-by":"publisher","DOI":"10.1145\/3576915.3616629"},{"key":"e_1_3_2_2_60_1","volume-title":"USENIX Security","author":"Song Dawn Xiaodong","year":"2001","unstructured":"Dawn Xiaodong Song, David A. Wagner, and Xuqing Tian. 2001. Timing Analysis of Keystrokes and Timing Attacks on SSH. In USENIX Security 2001, Dan S. Wallach (Ed.). USENIX Association, Washington, DC, USA. http:\/\/www.usenix.org\/publications\/library\/proceedings\/sec01\/song.html"},{"key":"e_1_3_2_2_61_1","volume-title":"An Implementation of the Number Field Sieve Algorithm","author":"Development Team The CADO-NFS","unstructured":"The CADO-NFS Development Team. 2017. CADO-NFS, An Implementation of the Number Field Sieve Algorithm. http:\/\/cado-nfs.inria.fr\/ Release 2.3.0, accessed: 2025-04-14."},{"key":"e_1_3_2_2_62_1","unstructured":"Filippo Valsorda. 2015. ssh who am i. https:\/\/words.filippo.io\/ssh-whoami-filippo-io\/ accessed: 2025-04-14."},{"key":"e_1_3_2_2_63_1","doi-asserted-by":"publisher","DOI":"10.14722\/diss.2020.23007"},{"key":"e_1_3_2_2_64_1","doi-asserted-by":"publisher","DOI":"10.1145\/3460120.3485382"},{"key":"e_1_3_2_2_65_1","doi-asserted-by":"publisher","DOI":"10.1145\/1644893.1644896"}],"event":{"name":"CCS '25: ACM SIGSAC Conference on Computer and Communications Security","location":"Taipei Taiwan","acronym":"CCS '25","sponsor":["SIGSAC ACM Special Interest Group on Security, Audit, and Control"]},"container-title":["Proceedings of the 2025 ACM SIGSAC Conference on Computer and Communications Security"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3719027.3765079","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,12,22]],"date-time":"2025-12-22T22:32:13Z","timestamp":1766442733000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3719027.3765079"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2025,11,19]]},"references-count":65,"alternative-id":["10.1145\/3719027.3765079","10.1145\/3719027"],"URL":"https:\/\/doi.org\/10.1145\/3719027.3765079","relation":{},"subject":[],"published":{"date-parts":[[2025,11,19]]},"assertion":[{"value":"2025-11-22","order":3,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}