IETF-SSH archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
Re: Authenticated cipher modes
On Mon, Apr 18, 2005 at 10:48:21AM +0200, Henrick Hellström wrote:
> While trying to figure out how to support CCM, EAX and OCB cipher modes
> or the Helix cipher (http://www.schneier.com/paper-helix.pdf), I spotted
> an issue with SSH-TRANS. These cipher modes have built in data
> integrity, but the SSH-TRANS algorithm negotiation mechanism clearly
> isn't designed to handle such encryption.
> Selecting CCM mode and the "none" data integrity algorithm would
> result in the desired state.)
I've not read Helix. However in general I'd assumed that use of a encryption
including integrity algorithm could always simply be used with SSH by choosing
a SSH MAC of "none". Certainly that's what I thought when I was considering
hacking in use of OCB.
DF
Home |
Main Index |
Thread Index |
Old Index