Re: applying AES-GCM to secure shell: proposed "tweak"

To: der Mouse <mouse%Rodents-Montreal.ORG@localhost>
Subject: Re: applying AES-GCM to secure shell: proposed "tweak"
From: Damien Miller <djm%mindrot.org@localhost>
Date: Wed, 15 Apr 2009 22:21:20 +1000 (EST)

On Wed, 15 Apr 2009, der Mouse wrote:

> >    Maybe it's easier to say that if an AEAD-algorithm is chosen for
> >    encryption, the lists of mac algorithms (for that direction) are
> >    ignored).
> 
> That would be a rather unpleasant violation of the existing definition.
> I'd much rather just re-kex if using a none MAC is that important.

Without offering a solution to the initial negotiation (all that I have
seen so far a ugly), I would observe that rekex is far to expensive to
be a good solution to this problem.

-d

Follow-Ups:
- Re: applying AES-GCM to secure shell: proposed "tweak"
  - From: der Mouse

References:
- applying AES-GCM to secure shell: proposed "tweak"
  - From: Tim Polk
- Re: applying AES-GCM to secure shell: proposed "tweak"
  - From: Niels Möller
- Re: applying AES-GCM to secure shell: proposed "tweak"
  - From: der Mouse

Prev by Date: Re: applying AES-GCM to secure shell: proposed "tweak"
Next by Date: Re: New version: draft-green-secsh-ecc-06
Previous by Thread: Re: KEX_OPTION (Re: applying AES-GCM to secure shell: proposed "tweak")
Next by Thread: Re: applying AES-GCM to secure shell: proposed "tweak"
Indexes:

Home | Main Index | Thread Index | Old Index