An Analysis of the DHEat DoS Against SSH in Cloud Environments

The DHEat denial-of-service vulnerability involves sending a large number of Diffie-Hellman (DH) public keys to a peer, causing it to perform many unnecessary modular exponentiations and wasting CPU resources (in fact, the attacker can simply send random numbers instead of real DH keys to avoid incurring the computational penalty themselves). Because the DH handshake occurs before authentication in many network protocols (such as SSH), the attack can be conducted anonymously. And interestingly, as the size of the DH modulus increases, the brute-force security of the key exchange also increases, but so does the susceptibility to the DHEat attack since larger (and more expensive) modular exponentiation is required.