Provably Fixing the SSH Binary Packet Protocol

Dries Schellekens gwyllion at ace.ulyssis.org
Sun Jun 23 21:34:19 EST 2002


On Sun, 23 Jun 2002, Markus Friedl wrote:

> it's more likely if someone sends a patch.

They seem to suggest advice the replace CBC with stateful-decryption CTR
(counter) mode:
http://www-cse.ucsd.edu/users/tkohno/papers/SSH/sshadvice.html

libssl/crypto seems to have AES_ctr128_encrypt.


Dries
-- 
Dries Schellekens
email: gwyllion at ulyssis.org




More information about the openssh-unix-dev mailing list