IETF-SSH archive


Re: Curve25519/448 key agreement for SSH



denis wrote:
> Folks who use older versions are typically people who don't care about
> CBC until it comes up in a security scan... At which point they
> grudgingly consider upgrading their 10 year old version. :)

I believe that more than just ancient editions of SSH implementations
are going to need to have AES CBC mode for at least a few more years...

In the Common Criteria world, there is the
collaborative Protection Profile for Network Devices Version 1.0
https://www.niap-ccevs.org/pp/pp.cfm?id=CPP_ND_V1.0

    FCS_SSHC_EXT.1.1 The TSF shall implement the SSH protocol that
    complies with RFCs 4251, 4252, 4253, 4254, and [selection: 5647,
    5656, 6187, 6668, no other RFCs].

    ...elided...

    FCS_SSHC_EXT.1.4 The TSF shall ensure that the SSH transport
    implementation uses the following encryption algorithms and rejects
    all other encryption algorithms: aes128-cbc, aes256-cbc, [selection:
    AEAD_AES_128_GCM, AEAD_AES_256_GCM, no other algorithms].

The AEAD_AES_128_GCM and AEAD_AES_256_GCM as specified in RFC 5647 are
not implemented exactly by a number of SSH implementations, so that
tends to leave aes128-cbc and aes256-cbc for those trying to obtain
a Common Criteria CPP_ND_V1.0 certification.

While it may be possible to change this going forward, it probably means
that one or more folks from the technical community need to participate
in the Technical Communities by asking tc-ssh-staff%niap-ccevs.org@localhost ...

| Call for Participants in Technical Communities (26 August 2015)
| 
| The National Information Assurance Partnership/Common Criteria
| Evaluation and Validation Scheme (NIAP/CCEVS) is inviting industry,
| government, end users, academic institutions, and labs with relevant
| technology expertise and research focus to participate in the
| following Technical Communities (TCs). If you are interested in
| joining a technical community and participating in the development
| of Protection Profiles for these technologies, please contact
| NIAP/CCEVS at:
| 
|     Secure Shell (SSH)    tc-ssh-staff%niap-ccevs.org@localhost
| 
|         VPN Client    tc-vpnclient-staff%niap-ccevs.org@localhost

	-- Mark
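
An added example, not part of the original message: one way to check the cipher name-lists in an SSH_MSG_KEXINIT payload (RFC 4253 section 7.1) against the FCS_SSHC_EXT.1.4 text quoted above. The function names and the sample payload builder are hypothetical, and treating an absent aes128-cbc or aes256-cbc as a finding is an assumed reading of "uses the following encryption algorithms".

```python
import struct

# Allow-list copied from FCS_SSHC_EXT.1.4 as quoted in the message above.
MANDATORY = {"aes128-cbc", "aes256-cbc"}
SELECTABLE = {"AEAD_AES_128_GCM", "AEAD_AES_256_GCM"}
ALLOWED = MANDATORY | SELECTABLE
SSH_MSG_KEXINIT = 20
FIELDS = ("kex", "hostkey", "enc_c2s", "enc_s2c", "mac_c2s", "mac_s2c",
          "comp_c2s", "comp_s2c", "lang_c2s", "lang_s2c")  # RFC 4253 7.1 order


def parse_kexinit(payload: bytes) -> dict:
    """Split an SSH_MSG_KEXINIT payload into its ten name-lists."""
    if len(payload) < 17 or payload[0] != SSH_MSG_KEXINIT:
        raise ValueError("not a KEXINIT payload")
    off, lists = 17, {}  # skip message type (1 byte) and cookie (16 bytes)
    for name in FIELDS:
        if off + 4 > len(payload):
            raise ValueError("truncated name-list length")
        (n,) = struct.unpack_from(">I", payload, off)
        off += 4
        if off + n > len(payload):
            raise ValueError("truncated name-list body")
        raw = payload[off:off + n].decode("ascii")
        lists[name] = raw.split(",") if raw else []
        off += n
    return lists


def audit_ciphers(payload: bytes) -> dict:
    """Per direction: ciphers outside the allow-list, mandatory ones missing."""
    lists = parse_kexinit(payload)
    report = {}
    for direction in ("enc_c2s", "enc_s2c"):
        offered = lists[direction]
        report[direction] = {
            "rejected": [c for c in offered if c not in ALLOWED],
            "missing": sorted(MANDATORY - set(offered)),
        }
    return report


def build_kexinit(enc: list) -> bytes:
    """Constructed sample payload; every non-cipher list is a placeholder."""
    lists = [["diffie-hellman-group14-sha1"], ["ssh-rsa"], enc, enc,
             ["hmac-sha1"], ["hmac-sha1"], ["none"], ["none"], [], []]
    encoded = [",".join(names).encode("ascii") for names in lists]
    body = b"".join(struct.pack(">I", len(e)) + e for e in encoded)
    return bytes([SSH_MSG_KEXINIT]) + bytes(16) + body + b"\x00" + bytes(4)
```

Name matching is exact and case-sensitive, so a vendor-suffixed GCM name is reported under "rejected" rather than treated as one of the RFC 5647 names.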


