Re: applying AES-GCM to secure shell: proposed "tweak"

To: Peter Gutmann <pgut001%cs.auckland.ac.nz@localhost>
Subject: Re: applying AES-GCM to secure shell: proposed "tweak"
From: Nicolas Williams <Nicolas.Williams%sun.com@localhost>
Date: Wed, 8 Apr 2009 23:00:01 -0500

On Wed, Apr 08, 2009 at 10:57:49PM -0500, Nicolas Williams wrote:
> On Thu, Apr 09, 2009 at 03:51:35PM +1200, Peter Gutmann wrote:
> > Nicolas Williams <Nicolas.Williams%sun.com@localhost> writes:
> > 
> > >[So far the only extensibility mechanisms that we have at that point in the
> > >protocol are: new protocol version number (not going to happen) and magic
> > >algorithm names (which have been used successfully).]
> > 
> > ... and the completely unused 32-bit flags field in the first message, which I
> > mentioned previously :-).
> 
> This:
> 
>       uint32       0 (reserved for future extension)
> 
> ?
> 
> Yes, that could be used too.

Er, actually, I'm not sure.  It depends on what implementations do with
it now when it's not set to 0.  Hmmm, what does the spec say to do about
that field?  Sadly: nothing, at least not in section 7.1.

That probably means that we can't use that field.

Follow-Ups:
- Re: applying AES-GCM to secure shell: proposed "tweak"
  - From: Tero Kivinen
- Re: applying AES-GCM to secure shell: proposed "tweak"
  - From: Peter Gutmann

References:
- Re: applying AES-GCM to secure shell: proposed "tweak"
  - From: Nicolas Williams
- Re: applying AES-GCM to secure shell: proposed "tweak"
  - From: Peter Gutmann
- Re: applying AES-GCM to secure shell: proposed "tweak"
  - From: Nicolas Williams

Prev by Date: Re: applying AES-GCM to secure shell: proposed "tweak"
Next by Date: Re: applying AES-GCM to secure shell: proposed "tweak"
Previous by Thread: Re: applying AES-GCM to secure shell: proposed "tweak"
Next by Thread: Re: applying AES-GCM to secure shell: proposed "tweak"
Indexes:

Home | Main Index | Thread Index | Old Index