OpenSSH and CBC
Christian Weisgerber
naddy at mips.inka.de
Tue Jun 16 05:31:22 AEST 2015
On 2015-06-15, Gerhard Wiesinger <lists at wiesinger.com> wrote:

> I saw that OpenSSH release 6.7 removed all CBC ciphers by default. Is
> CBC therefore considered as broken and unsecure (in general or SSH
> implementation)?

CBC modes in SSH use the last encrypted block of the previous packet
as the IV for the next packet. The protocol is specified this way.

> I also read a lot of references (see below) but it is still not clear
> to me what's the actual "security status" of CBC and why it has been
> removed in general.

These are pertinent:

> http://www.kb.cert.org/vuls/id/958563
http://www.openssh.com/txt/cbc.adv

--
Christian "naddy" Weisgerber naddy at mips.inka.de
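
The IV chaining described in the reply above, as an added example that is not part of the original post or of OpenSSH: each packet's IV is the previous packet's last ciphertext block, so the whole connection behaves as one continuous CBC stream and every IV is visible on the wire before the next packet is encrypted. Assumptions: `toy_block_encrypt` is a hypothetical stand-in for the real block cipher, the key, IV and packets are constructed, and SSH packet framing and MACs are left out.

```python
import hashlib
import hmac

BLOCK = 16  # block size in bytes, as for AES


def toy_block_encrypt(key: bytes, block: bytes) -> bytes:
    """Stand-in block cipher (4-round Feistel over HMAC-SHA256), NOT a real cipher."""
    left, right = block[:8], block[8:]
    for rnd in range(4):
        f = hmac.new(key, bytes([rnd]) + right, hashlib.sha256).digest()[:8]
        left, right = right, bytes(a ^ b for a, b in zip(left, f))
    return left + right


def cbc_encrypt(key: bytes, iv: bytes, plaintext: bytes) -> bytes:
    """Plain CBC over block-aligned input; returns the ciphertext blocks."""
    assert len(iv) == BLOCK and len(plaintext) % BLOCK == 0
    prev, out = iv, b""
    for i in range(0, len(plaintext), BLOCK):
        x = bytes(a ^ b for a, b in zip(plaintext[i:i + BLOCK], prev))
        prev = toy_block_encrypt(key, x)
        out += prev
    return out


def encrypt_packets(key: bytes, first_iv: bytes, packets: list) -> tuple:
    """Encrypt packets with SSH-style chaining: each packet's IV is the last
    ciphertext block of the previous packet. Returns (ciphertexts, ivs)."""
    iv, ciphertexts, ivs = first_iv, [], []
    for pkt in packets:
        ivs.append(iv)
        ct = cbc_encrypt(key, iv, pkt)
        ciphertexts.append(ct)
        iv = ct[-BLOCK:]  # already on the wire before the next packet exists
    return ciphertexts, ivs


# Constructed sample data: key, initial IV and three block-aligned "packets".
KEY = b"k" * 16
FIRST_IV = bytes(range(16))
PACKETS = [b"A" * 32, b"B" * 16, b"C" * 48]

if __name__ == "__main__":
    cts, ivs = encrypt_packets(KEY, FIRST_IV, PACKETS)
    for n, (iv, ct) in enumerate(zip(ivs, cts)):
        print(f"packet {n}: iv={iv.hex()} last_ct_block={ct[-BLOCK:].hex()}")
    print(b"".join(cts) == cbc_encrypt(KEY, FIRST_IV, b"".join(PACKETS)))
```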