IETF-SSH archive
Re: AEAD in ssh
Bryan Ford <brynosaurus%gmail.com@localhost> writes:
> I see that in 3.1 on “Encrypting the packet length”, you’ve suggested
> the same approach as one of the earlier approaches I suggested a while
> ago in the corresponding TLS discussion. That’s a reasonable approach
> and I think would work, but I wanted to make sure you’re aware of
> another alternative that I’ve come to think is both cleaner and safer:
> just embed the length of the next packet within the normal
> AEAD-encrypted payload of its immediately prior packet.
Thanks for the update.
This could make a lot of sense for a new protocol or for a larger
protocol update. But I think adding the length field to the preceding
packet is too large a structural change of the ssh protocol to do just
to support AEAD ciphers.
Regards,
/Niels
--
Niels Möller. PGP-encrypted email is preferred. Keyid C0B98E26.
Internet email is subject to wholesale government surveillance.
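
The alternative quoted in this message (carrying the next packet's length inside the AEAD-encrypted payload of the packet before it), sketched as an added example that is not part of the original message or of any SSH implementation. It assumes AES-GCM, a nonce derived from the packet sequence number, a first-packet size both sides already know, and a zero length marking the last packet; all function names are hypothetical.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"encoding/binary"
	"fmt"
)

func NewAEAD(key []byte) (cipher.AEAD, error) { // AES-GCM is an assumed choice
	b, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(b)
}
func nonce(seq int) []byte { return binary.BigEndian.AppendUint64(make([]byte, 4), uint64(seq)) }

// SealChain: each plaintext is uint32(size of NEXT sealed packet, 0 = last) || msg.
// Also returns the first packet's size, assumed known to both peers in advance.
func SealChain(a cipher.AEAD, msgs [][]byte) (stream []byte, first int) {
	for i, m := range msgs {
		pt := make([]byte, 4, 4+len(m))
		if i+1 < len(msgs) {
			binary.BigEndian.PutUint32(pt, uint32(4+len(msgs[i+1])+a.Overhead()))
		}
		stream = a.Seal(stream, nonce(i), append(pt, m...), nil)
	}
	return stream, 4 + len(msgs[0]) + a.Overhead()
}

func OpenChain(a cipher.AEAD, stream []byte, n int) (out [][]byte, _ error) {
	for seq := 0; n != 0; seq++ { // n always comes from authenticated plaintext
		if n < 4+a.Overhead() || n > len(stream) {
			return out, fmt.Errorf("packet %d: length %d out of range", seq, n)
		}
		pt, err := a.Open(nil, nonce(seq), stream[:n], nil)
		if err != nil {
			return out, err // tampered or truncated: stop, trust no further length
		}
		out, stream, n = append(out, pt[4:]), stream[n:], int(binary.BigEndian.Uint32(pt))
	}
	return out, nil
}

func main() {
	a, _ := NewAEAD(make([]byte, 32)) // constructed all-zero demo key
	s, first := SealChain(a, [][]byte{[]byte("ls -l"), []byte("exit")})
	fmt.Println(OpenChain(a, s, first))
}
```

The sender has to know the size of packet i+1 before it seals packet i, which is the structural cost of this design: it must buffer one packet ahead or pad to a predetermined size.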