ChaCha20 Rekey Frequency
Damien Miller
djm at mindrot.org
Thu Mar 30 14:03:25 AEDT 2023
On Wed, 29 Mar 2023, Thorsten Glaser wrote:
> Hi Damien,
>
> >This is what I'm playing with at the moment:
>
> if you’re playing with this currently anyway, shouldn’t…
>
> >+ /*
> >+ * Otherwise, use the RFC4344 s3.2 recommendation of 2**(L/4) blocks
> >+ * before rekeying where L is the blocksize in bits.
> >+ * Most other ciphers have a 128 bit blocksize, so this equates to
> >+ * 2**32 blocks / 64GB data.
> >+ */
> >+ return (uint64_t)1 << (c->block_size * 2);
>
> … this get an upper bound? This is UB for 256-bit blocksizes
> at least…
block sizes in struct sshcipher are in bytes, not bits
More information about the openssh-unix-dev
mailing list