Re: Core draft last call update.

To: ietf-ssh%netbsd.org@localhost
Subject: Re: Core draft last call update.
From: Bodo Moeller <moeller%cdc.informatik.tu-darmstadt.de@localhost>
Date: Tue, 12 Mar 2002 14:02:56 +0100

On Sun, Mar 10, 2002 at 09:38:49PM -0800, Wei Dai wrote:

[...]
> Given that the problem was found in time, and that the fix is simple (I've
> already provided the suggested language), why not just agree to fix it
> now?

What about the attack described in Appendix C of
<URL:http://eprint.iacr.org/2001/045/>, which appears to be
applicable to the SSH binary packet protocol as specified in
draft-ietf-secsh-transport-13.txt (no matter if CBC or OFB or
counter mode is used)?

-- 
Bodo Möller <moeller%cdc.informatik.tu-darmstadt.de@localhost>
PGP http://www.informatik.tu-darmstadt.de/TI/Mitarbeiter/moeller/0x36d2c658.html
* TU Darmstadt, Theoretische Informatik, Alexanderstr. 10, D-64283 Darmstadt
* Tel. +49-6151-16-6628, Fax +49-6151-16-6036

Follow-Ups:
- Re: Core draft last call update.
  - From: Bill Sommerfeld
- Re: Core draft last call update.
  - From: Bill Sommerfeld

References:
- Re: Core draft last call update.
  - From: Bill Sommerfeld
- Re: Core draft last call update.
  - From: Wei Dai

Prev by Date: a more detailed analysis of "known IV" vulnerability.
Next by Date: Re: Core draft last call update.
Previous by Thread: Re: Core draft last call update.
Next by Thread: Re: Core draft last call update.
Indexes:

Home | Main Index | Thread Index | Old Index