IETF-SSH archive


Re: updated transport & userauth drafts



I think it's too soon to make a document change because of this --
most importantly, I don't think that enough Real Cryptographers(tm)
have looked at either the problem or the proposed fix to conclude that
a change along the lines of your suggested fix is better than leaving
the document alone.

The use of ciphers in counter mode is also very new, and, as with all
stream ciphers, there are some definite subtleties to their use; who's
to say that crypto researchers won't find a problem with counter modes
which are just as bad as the CBC problem (i.e., a purely theoretical
vulnerability except in a few corner cases).

New ciphers can follow later once there's clear consensus on a
solution.

					- Bill
