D(HE)at is a denial-of-service (DoS) attack on the finite field Diffie-Hellman (DH) key exchange protocol. It allows unprivileged remote users to trigger expensive server-side DH modular-exponentiation calculations without any significant resource (CPU) requirement on the attacker’s side.

The attack was assigned CVE-2002-20001, and the full technical paper was published in IEEE Access.

Cryptolyzer, ssh-audit (open source), and Scanigma (SaaS) can be used to check whether your service is affected by the D(HE)at attack.
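
To see why the server-side cost matters, the following added example (not taken from the D(HE)at paper or from any of the tools above) times one modular exponentiation at several modulus sizes. The moduli are constructed random odd numbers standing in for real DH primes, the full-length exponent is an assumed worst case, and the function names are illustrative.

```python
import secrets
import time


def constructed_modulus(bits):
    """Random odd integer with the top bit set.

    Constructed stand-in for a DH prime: modexp cost depends on operand
    size, not primality, so this is enough for timing purposes.
    """
    return secrets.randbits(bits) | (1 << (bits - 1)) | 1


def modexp_seconds(mod_bits, exp_bits=None, rounds=3):
    """Best-of-`rounds` wall time for one g^x mod p."""
    exp_bits = exp_bits or mod_bits  # assumption: full-length exponent
    p = constructed_modulus(mod_bits)
    best = float("inf")
    for _ in range(rounds):
        g = secrets.randbelow(p - 3) + 2
        x = secrets.randbits(exp_bits) | (1 << (exp_bits - 1))
        start = time.perf_counter()
        pow(g, x, p)
        best = min(best, time.perf_counter() - start)
    return best


def cost_table(sizes=(2048, 4096, 8192)):
    """Map modulus size in bits -> seconds per exponentiation."""
    return {bits: modexp_seconds(bits) for bits in sizes}


if __name__ == "__main__":
    table = cost_table()
    base = table[min(table)]
    for bits, secs in sorted(table.items()):
        print(f"{bits:5d}-bit modulus: {secs * 1000:8.2f} ms  ({secs / base:5.1f}x)")
```

The ratio column shows how quickly per-handshake CPU cost grows as the negotiated group gets larger.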

Recent References

An Analysis of the DHEat DoS Against SSH in Cloud Environments

0.12.2 Changelog

D(HE)at: A Practical Denial-of-Service Attack on the Finite Field Diffie–Hellman Key Exchange

SA-2023-059 - DHEat attack (CVE-2002-20001)

Diffie-Hellman Ephemeral Key Exchange DoS Vulnerability (SSL/TLS, D(HE)ater)
