IETF-SSH archive
Re: Core draft last call update.
On Thu, Mar 14, 2002 at 08:00:54PM -0800, Wei Dai wrote:
> I was not aware that existing implementations already support CFB/OFB.
> Apparently this is the case for OpenSSH, but it's not documented anywhere.
> OpenSSH also seems to support ECB mode, which does not make any sense to
> me. BTW, OpenSSH appears to use unregistered reserved names for these
> ciphers, which violates section 5 of the architecture spec.
You have me confused. What are you talking about? Did you look at
the source code? cipher.c contains the supported ciphers, including
their names as announced during kex init:
{ "3des-cbc", SSH_CIPHER_SSH2, 8, 24, EVP_des_ede3_cbc },
{ "blowfish-cbc", SSH_CIPHER_SSH2, 8, 16, EVP_bf_cbc },
{ "cast128-cbc", SSH_CIPHER_SSH2, 8, 16, EVP_cast5_cbc },
{ "arcfour", SSH_CIPHER_SSH2, 8, 16, EVP_rc4 },
{ "aes128-cbc", SSH_CIPHER_SSH2, 16, 16, evp_rijndael },
{ "aes192-cbc", SSH_CIPHER_SSH2, 16, 24, evp_rijndael },
{ "aes256-cbc", SSH_CIPHER_SSH2, 16, 32, evp_rijndael },
I do not think that any of these ciphers violate any section of
any spec produced by this working group. Specifically:
The following ciphers are currently defined:

    3des-cbc         REQUIRED     three-key 3DES in CBC mode
    blowfish-cbc     RECOMMENDED  Blowfish in CBC mode
    twofish256-cbc   OPTIONAL     Twofish in CBC mode, with 256-bit key
    twofish-cbc      OPTIONAL     alias for "twofish256-cbc" (this is
                                  being retained for historical reasons)
    twofish192-cbc   OPTIONAL     Twofish with 192-bit key
    twofish128-cbc   RECOMMENDED  Twofish with 128-bit key
    aes256-cbc       OPTIONAL     AES (Rijndael) in CBC mode, with 256-bit key
    aes192-cbc       OPTIONAL     AES with 192-bit key
    aes128-cbc       RECOMMENDED  AES with 128-bit key
    serpent256-cbc   OPTIONAL     Serpent in CBC mode, with 256-bit key
    serpent192-cbc   OPTIONAL     Serpent with 192-bit key
    serpent128-cbc   OPTIONAL     Serpent with 128-bit key
    arcfour          OPTIONAL     the ARCFOUR stream cipher
    idea-cbc         OPTIONAL     IDEA in CBC mode
    cast128-cbc      OPTIONAL     CAST-128 in CBC mode
Please, explain yourself.
I believe the biggest concern is a further delay of the drafts which
already have been delayed for several years. None of the attacks that
have been discussed here seem relevant enough to warrant delaying the
drafts for another year.
We can always define more ciphers and modes once the main drafts have
been published.
Niels.
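The disagreement above comes down to two checks a reviewer can make mechanically: whether every cipher name an implementation announces in its KEXINIT name-list is either on the transport draft's list or uses the local "name@domain" form the architecture spec reserves for unregistered algorithms, and which cipher the transport draft's first-match rule selects from two such lists. The following Python is an added example written for this archive page; it is not code from the thread, from OpenSSH, or from the drafts. The draft cipher table and the cipher.c names are copied from the message above; the sample name-lists in the usage section (including the non-existent name "aes128-ecb" and the local name "example-cbc@example.com") are constructed for illustration.

```python
# Added example (not from the original thread, OpenSSH or the IETF drafts):
# validate announced SSH cipher names against the transport draft's list and
# apply the draft's first-match negotiation rule.

from typing import Iterable, List, Optional

# Cipher names and their status exactly as listed in the transport draft
# quoted in the message above.
DRAFT_CIPHERS = {
    "3des-cbc": "REQUIRED",
    "blowfish-cbc": "RECOMMENDED",
    "twofish256-cbc": "OPTIONAL",
    "twofish-cbc": "OPTIONAL",
    "twofish192-cbc": "OPTIONAL",
    "twofish128-cbc": "RECOMMENDED",
    "aes256-cbc": "OPTIONAL",
    "aes192-cbc": "OPTIONAL",
    "aes128-cbc": "RECOMMENDED",
    "serpent256-cbc": "OPTIONAL",
    "serpent192-cbc": "OPTIONAL",
    "serpent128-cbc": "OPTIONAL",
    "arcfour": "OPTIONAL",
    "idea-cbc": "OPTIONAL",
    "cast128-cbc": "OPTIONAL",
}

# The names the cipher.c table in the message announces during kex init.
OPENSSH_CIPHER_NAMES = [
    "3des-cbc", "blowfish-cbc", "cast128-cbc", "arcfour",
    "aes128-cbc", "aes192-cbc", "aes256-cbc",
]


def parse_name_list(name_list: str) -> List[str]:
    """Split a KEXINIT name-list: comma-separated names, no spaces.

    An empty string is a legal empty list; an empty element or a name
    containing whitespace is rejected as malformed.
    """
    if name_list == "":
        return []
    names = name_list.split(",")
    for n in names:
        if n == "" or any(c.isspace() for c in n):
            raise ValueError(f"malformed name-list element: {n!r}")
    return names


def is_local_name(name: str) -> bool:
    """Names of the form name@domain are locally defined and need no
    registration; names without '@' must come from the registered list."""
    return "@" in name


def unregistered_names(names: Iterable[str]) -> List[str]:
    """Return announced names that are neither on the draft's list nor
    local (@domain) names; an empty result means the list is compliant."""
    return [n for n in names
            if not is_local_name(n) and n not in DRAFT_CIPHERS]


def negotiate(client: List[str], server: List[str]) -> Optional[str]:
    """Pick the first name on the client's list that the server also
    supports (the transport draft's selection rule); None if no match."""
    server_set = set(server)
    for name in client:
        if name in server_set:
            return name
    return None


if __name__ == "__main__":
    # Constructed sample lists for illustration.
    print("unregistered in cipher.c:", unregistered_names(OPENSSH_CIPHER_NAMES))
    odd = parse_name_list("aes128-ecb,example-cbc@example.com,aes128-cbc")
    print("unregistered in sample:", unregistered_names(odd))
    print("negotiated:", negotiate(odd, OPENSSH_CIPHER_NAMES))
```

Run against the cipher.c names from the message, `unregistered_names` returns an empty list, which is the point Niels makes; a hypothetical "aes128-ecb" is flagged while "example-cbc@example.com" passes as a local name, and negotiation with the OpenSSH list skips both and settles on "aes128-cbc".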