Re: How to handle incorrectly-encoded public keys

To: "ietf-ssh%netbsd.org@localhost" <ietf-ssh%netbsd.org@localhost>
Subject: Re: How to handle incorrectly-encoded public keys
From: Peter Gutmann <pgut001%cs.auckland.ac.nz@localhost>
Date: Mon, 21 Nov 2022 09:36:56 +0000

[Redirected back to the list due to some addressing confusion]

Simon Tatham <anakin%pobox.com@localhost> writes:

>It's especially surprising since it's such an outdated value of e, so you'd
>most likely expect to see it coming from an SSH implementation that was
>outdated in other respects as well, such as not having even noticed rsa-
>sha2-256! The combination of e=3 with an up-to-date RSA variant (even if done
>wrong) is more surprising than either on its own.

It's a really strange mix, alongside the above it disconnects unless you send
the old-format GEX message (so SSH_MSG_KEX_DH_GEX_REQUEST_OLD instead of
SSH_MSG_KEX_DH_GEX_REQUEST) but then it also implements the -etm modes and
other stuff.  I'm waiting to hear back on whether any widely-use SSH
implementation will actually connect to it.

Peter.

References:
- How to handle incorrectly-encoded public keys
  - From: Peter Gutmann

Prev by Date: Re: How to handle incorrectly-encoded public keys
Next by Date: An additional-auth mechanism for SSH to protect against scanning/probing attacks
Previous by Thread: Re: How to handle incorrectly-encoded public keys
Next by Thread: An additional-auth mechanism for SSH to protect against scanning/probing attacks
Indexes:

Home | Main Index | Thread Index | Old Index