Recent MAC improvements
Damien Miller
djm at mindrot.org
Tue Jun 12 11:21:32 EST 2007
On Mon, 11 Jun 2007, Damien Miller wrote:
> These changes need testing on as many platforms as possible. In particular
> we are interested in the following corner cases:
>
> - Old OpenSSL version (0.9.5ish)
> - Testing between big and little endian machines (i386 vs. sparc for example)
> - Testing between previous OpenSSH versions and -current
> - Testing on strict alignment architectures like Alpha and Itanium
One more case:
- Interoperability against non-OpenSSH implementations
This applies mainly for the MAC reuse change, as no other implementations
would support UMAC yet.
If other implementors want to support UMAC, there is a specification
for how OpenSSH does it at [1] which is awaiting publication (assuming
I have the IETF boilerplate de jour correct this time). OpenSSH uses a
slightly tweaked version of the UMAC reference implementation[2].
-d
[1] http://www.mindrot.org/~djm/internet-drafts/draft-miller-secsh-umac-00.txt
[2] http://www.fastcrypto.org/umac/2004/code.html
More information about the openssh-unix-dev
mailing list