Some questions about "SSH Transport Layer Encryption Modes"

To: ietf-ssh%NetBSD.org@localhost
Subject: Some questions about "SSH Transport Layer Encryption Modes"
From: pgut001%cs.auckland.ac.nz@localhost (Peter Gutmann)
Date: Thu, 16 Oct 2003 19:36:48 +1300

These are more just ideas tossed out to see what thoughts people have on the
topic...

- I can't see any indication of how binding this is (or will be), is it
  experimental, informational, or standards-track?

- Section 3 talks about re-keying, but there seems to be some ambiguity in
  implementations about how to handle re-keying (specifically, what to do with
  data flows in progress when the re-key happens).  How viable is the re-
  keying approach really?

- From an implementation point of view, how practical is it to require the use
  of SDCTR mode?  It's not one of the big four (ECB/CBC/CFB/OFB), which makes
  it awkward to use with any standard crypto library or crypto hardware
  because it has to be manually synthesised from ECB.  Conversely, if people
  have to implement a nonstandard encryption mode anyway, what about just
  going the whole way and using some provable authenticate+encrypt
  combination?

Peter.

Follow-Ups:
- Re: Some questions about "SSH Transport Layer Encryption Modes"
  - From: Markus Friedl

Prev by Date: Re: Submission: draft-ietf-secsh-publickey-subsystem-03.txt
Next by Date: Re: Some questions about "SSH Transport Layer Encryption Modes"
Previous by Thread: I-D ACTION:draft-ietf-secsh-newmodes-01.txt
Next by Thread: Re: Some questions about "SSH Transport Layer Encryption Modes"
Indexes:

Home | Main Index | Thread Index | Old Index