Recent MAC improvements

Damien Miller djm at
Tue Jun 12 11:21:32 EST 2007

On Mon, 11 Jun 2007, Damien Miller wrote:

> These changes need testing on as many platforms as possible. In particular
> we are interested in the following corner cases:
> - Old OpenSSL version (0.9.5ish)
> - Testing between big and little endian machines (i386 vs. sparc for example)
> - Testing between previous OpenSSH versions and -current
> - Testing on strict alignment architectures like Alpha and Itanium

One more case:

 - Interoperability against non-OpenSSH implementations

This applies mainly for the MAC reuse change, as no other implementations
would support UMAC yet.

If other implementors want to support UMAC, there is a specification
for how OpenSSH does it at [1] which is awaiting publication (assuming
I have the IETF boilerplate de jour correct this time). OpenSSH uses a
slightly tweaked version of the UMAC reference implementation[2].



More information about the openssh-unix-dev mailing list