Channel: MikroTik

Beginner Basics • Re: Got my HEX working and wanting a sanity check

I guess MT's implementation is not OpenSSH based

It identifies itself as "ROSSSH". The Terrapin Vulnerability Scanner claims it is not vulnerable, but it is due to not supporting the ChaCha20-Poly1305 cipher and the CBC-EtM mode.

There's an irony, then: up-thread, I claimed that a benefit of double encryption is that both algos wouldn't be vulnerable at the same time, but ChaCha20 is what WireGuard uses! As far as we know, ChaCha20 in WG isn't vulnerable in the same way, but the only saving grace on the SSH side is that RoS's implementation lags on features compared to OpenSSH, so they hadn't gotten around to implementing the vulnerable algorithms yet.

I don't know if that counts as success, luck, or laziness. 😛

If a similar vulnerability is then found in WireGuard

As I understand it, the SSH vulnerability depends on structural weaknesses in the SSH protocol specifically, not on all uses of ChaCha20. Only if WG made the same mistake OpenSSH did would their use of ChaCha20 be relevant.

Meanwhile, I offer these two links:

Statistics: Posted by tangent — Thu Jan 25, 2024 10:39 am
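
The kind of check the post attributes to the scanner, as an added example that is not part of the original post and is not the Terrapin scanner's own code: it parses the name-lists of an SSH_MSG_KEXINIT payload (RFC 4253) and reports whether the peer offers ChaCha20-Poly1305, a CBC cipher together with an EtM MAC, or the strict key exchange marker. The two sample payloads are constructed for the example and are hypothetical, not the algorithm list of ROSSSH or any other real server.

```python
import struct

# The ten name-lists of SSH_MSG_KEXINIT, in wire order (RFC 4253, section 7.1).
FIELDS = ["kex", "host_key", "enc_c2s", "enc_s2c", "mac_c2s", "mac_s2c",
          "comp_c2s", "comp_s2c", "lang_c2s", "lang_s2c"]
CHACHA = "chacha20-poly1305@openssh.com"
STRICT_KEX = {"kex-strict-c-v00@openssh.com", "kex-strict-s-v00@openssh.com"}

def build_kexinit(lists):  # encoder, used only to construct the samples below
    out = bytes([20]) + bytes(16)          # message type 20, then a 16-byte cookie
    for field in FIELDS:
        names = ",".join(lists.get(field, [])).encode("ascii")
        out += struct.pack(">I", len(names)) + names
    return out + b"\x00" + struct.pack(">I", 0)   # first_kex_packet_follows, reserved

def parse_kexinit(payload):  # decode the name-lists, rejecting truncated input
    if len(payload) < 17 or payload[0] != 20:
        raise ValueError("not an SSH_MSG_KEXINIT payload")
    pos, lists = 17, {}
    for field in FIELDS:
        if pos + 4 > len(payload):
            raise ValueError("truncated name-list length")
        (size,) = struct.unpack_from(">I", payload, pos)
        pos += 4
        if pos + size > len(payload):
            raise ValueError("truncated name-list")
        raw = payload[pos:pos + size].decode("ascii")
        lists[field] = raw.split(",") if raw else []
        pos += size
    return lists

def terrapin_report(payload):
    """Report which Terrapin-affected modes one peer offers in its KEXINIT."""
    lists = parse_kexinit(payload)
    ciphers = set(lists["enc_c2s"]) | set(lists["enc_s2c"])
    macs = set(lists["mac_c2s"]) | set(lists["mac_s2c"])
    return {
        "chacha20_poly1305": CHACHA in ciphers,
        "cbc_etm": any(c.endswith("-cbc") for c in ciphers)
                   and any(m.endswith("-etm@openssh.com") for m in macs),
        "strict_kex_offered": bool(STRICT_KEX & set(lists["kex"])),  # needs both peers
    }

# Constructed sample offers (hypothetical; not any real server's algorithm list).
CTR_ONLY = build_kexinit({"kex": ["curve25519-sha256"], "enc_c2s": ["aes128-ctr"],
                          "enc_s2c": ["aes128-ctr"], "mac_c2s": ["hmac-sha2-256"],
                          "mac_s2c": ["hmac-sha2-256"]})
MIXED = build_kexinit({"kex": ["curve25519-sha256", "kex-strict-s-v00@openssh.com"],
                       "enc_c2s": [CHACHA, "aes128-cbc"], "enc_s2c": [CHACHA],
                       "mac_c2s": ["hmac-sha2-256-etm@openssh.com"]})
```

A peer that offers neither affected mode reports `False` for both, which matches the reason the post gives for the scanner's "not vulnerable" result.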


