Displaying 20 results from an estimated 213 matches for "rekeying".
2003 Apr 11
2
How often should an encrypted session be rekeyed?
Using OpenSSL, is there a preferred/recommended rate of rekeying an
encrypted stream of data? Does OpenSSL handle this for developers
behind the scenes? Does it even need to be rekeyed?
Thanks in advance. -sc
--
Sean Chittenden
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature...
2023 Mar 24
1
ChaCha20 Rekey Frequency
I'm wondering why the ChaCha20 cipher rekeys so frequently. At speed I'm
seeing rekeys every second or two. So I'm spending a large amount of
time in the rekey process. From what I've read about ChaCha20 it
shouldn't need to be rekeyed quite so frequently. Am I missing something
obvious?
Just curious more than anything else.
Chris
2005 Jun 13
1
rekeying in SSH-2 and session setup?
Dear all,
while playing around with openssh-4.1p1 (trying to add AFS token
forwarding in SSH-2), I noticed that agressive rekeying (as e.g.
employed by regress/rekey.sh, rekeying every 16bytes) seems to disturb
the various forwardings (X11, agent) set up at the beginning of the
session. These do not trigger regression test errors, since the client
does not ask for confirmation from the server for these commands (except
for rem...
2013 May 13
1
Session rekeying support in OpenSSH
Hi,
I am using OpenSSH_5.2p1. It seems ssh server doesn't support key
regeneration after a specified amount of time. I manually verified the
OpenSSH_5.2p1 and OpenSSH-6.2 source codes and haven?t found any code
support for session rekeying in both releases.
SSH2 supports session rekeying using the parameter ?RekeyIntervalSeconds?
with default value 3600 seconds (one hour) in both ssh2_config and
sshd2_config files. I haven?t found similar parameter in both releases
OpenSSH_5.2p1 and openssh-6.2 configuration files.
Does openSSH...
2023 Mar 29
1
ChaCha20 Rekey Frequency
I was wondering if there was something specific to the internal chacha20
cipher as opposed to OpenSSL implementation.
I can't just change the block size because it breaks compatibility. I
can do something like as a hack (though it would probably be better to
do it with the compat function):
if (strstr(enc->name, "chacha"))
*max_blocks = (u_int64_t)1 << (16*2);
2004 Feb 20
1
ssh client auto rekey feature.
...will be turned off because I'll be passing binary data so I can't
force a rekey with that method.
Since the ssh spec says one should rekey every hour, I plan to patch the ssh
client to implement an auto-rekey option.
Do any of the security/cipher gurus have any problem with automatically
rekeying the connection at a specific interval. For simplicity's sake I
just plan to implement a simple timer that goes off every
user-specified-interval and rekeys the connection.
If the developers are interested, I'll send the patch along when I'm done.
Thanks,
John
2016 Jan 05
14
[Bug 2521] New: subtract buffer size from computed rekey limit to avoid exceeding it
...rekey limit (max_blocks_*
fields in the session state) is only performed in clientloop and
serverloop after processing a buffered batch of packets, the amount of
data encrypted/decrypted will almost always go above the limit for a
few blocks (depending on how much of them were in the buffer) before
rekeying is triggered.
In our case at Facebook, this was causing AES-GCM to go above the 64
GiB limit shortly before triggering rekeying and abort with an error,
unless a sufficiently lower RekeyLimit is explicitly set (which itself
can only be set to values less than 4GiB because of u32int being used,
but...
2023 Mar 29
1
[EXTERNAL] Re: ChaCha20 Rekey Frequency
...t a/cipher.c b/cipher.c
index c7664a3..ec6fa4f 100644
--- a/cipher.c
+++ b/cipher.c
@@ -150,6 +150,39 @@ cipher_blocksize(const struct sshcipher *c)
return (c->block_size);
}
+uint64_t
+cipher_rekey_blocks(const struct sshcipher *c)
+{
+ /*
+ * Chacha20-Poly1305 does not benefit from data-based rekeying,
+ * per "The Security of ChaCha20-Poly1305 in the Multi-user Setting",
+ * Degabriele, J. P., Govinden, J, Gunther, F. and Paterson K.
+ * ACM CCS 2021; https://eprint.iacr.org/2023/085.pdf<https://eprint.iacr.org/2023/085.pdf>
+ *
+ * Cryptanalysis aside, we do still want do need...
2023 Mar 29
2
ChaCha20 Rekey Frequency
...ipher.c b/cipher.c
index c7664a3..ec6fa4f 100644
--- a/cipher.c
+++ b/cipher.c
@@ -150,6 +150,39 @@ cipher_blocksize(const struct sshcipher *c)
return (c->block_size);
}
+uint64_t
+cipher_rekey_blocks(const struct sshcipher *c)
+{
+ /*
+ * Chacha20-Poly1305 does not benefit from data-based rekeying,
+ * per "The Security of ChaCha20-Poly1305 in the Multi-user Setting",
+ * Degabriele, J. P., Govinden, J, Gunther, F. and Paterson K.
+ * ACM CCS 2021; https://eprint.iacr.org/2023/085.pdf
+ *
+ * Cryptanalysis aside, we do still want do need to prevent the SSH
+ * sequence number...
2023 Mar 29
1
[EXTERNAL] Re: ChaCha20 Rekey Frequency
...gt; --- a/cipher.c
> +++ b/cipher.c
> @@ -150,6 +150,39 @@ cipher_blocksize(const struct sshcipher *c)
> return (c->block_size);
> }
>
> +uint64_t
> +cipher_rekey_blocks(const struct sshcipher *c)
> +{
> + /*
> + * Chacha20-Poly1305 does not benefit from data-based rekeying,
> + * per "The Security of ChaCha20-Poly1305 in the Multi-user Setting",
> + * Degabriele, J. P., Govinden, J, Gunther, F. and Paterson K.
> + * ACM CCS 2021; https://eprint.iacr.org/2023/085.pdf
> + *
> + * Cryptanalysis aside, we do still want do need to prevent the SSH...
2023 Jan 19
4
[Bug 3524] New: Rekey interval timeout not working when no package is being transfered
...Component: sshd
Assignee: unassigned-bugs at mindrot.org
Reporter: sanjeetkaransingh105 at gmail.com
Created attachment 3652
--> https://bugzilla.mindrot.org/attachment.cgi?id=3652&action=edit
Proposed patch
Description of problem:
Rekey timeout is expiring but rekeying is starting
until a packet is sent or received.
I tried by ssh -v, and saw even through it reached timeout limit, still
rekeying was not happening until I press any key from keyboard.
Found in Version:
8.9, 8.4.
Proposed fix:
I see there is a check to ensure number of packets should be more th...
2000 Feb 15
1
Rekeying
...tls-ssh-00.txt from Jun 13, 1996), the client or server can
send a SSH_MSG_KEXINIT at any time to force a new key exchange. I looked
through the code for OpenSSH and ssh-1.2.27 and can't find where it does
this. I then searched the Secure Shell mailing list archives and saw some
comments that rekeying will be implemented in Ver 2.
Did I miss the code in OpenSSH? Are there any ver. 1 implementations that
provide rekeying? The draft also says that the session key is broken up
to provide different encryption keys and iv's, but the code seems to use
the same keys for both directions and iv...
2023 Mar 29
1
[EXTERNAL] Re: ChaCha20 Rekey Frequency
...> --- a/cipher.c
> +++ b/cipher.c
> @@ -150,6 +150,39 @@ cipher_blocksize(const struct sshcipher *c)
> return (c->block_size);
> }
>
> +uint64_t
> +cipher_rekey_blocks(const struct sshcipher *c)
> +{
> + /*
> + * Chacha20-Poly1305 does not benefit from data-based rekeying,
> + * per "The Security of ChaCha20-Poly1305 in the Multi-user Setting",
> + * Degabriele, J. P., Govinden, J, Gunther, F. and Paterson K.
> + * ACM CCS 2021; https://eprint.iacr.org/2023/085.pdf<https://eprint.iacr.org/2023/085.pdf>
> + *
> + * Cryptanalysis aside,...
2017 Sep 23
3
Call for testing: OpenSSH 7.6
> Portable OpenSSH is also available via [...] Github:
https://github.com/openssh/openssh-portable
>
> Running the regression tests supplied with Portable OpenSSH does not
require installation and is a simply:
>
> $ ./configure && make tests
I was going to try this on Kali Linux (latest version), but ran into
trouble right away. No "configure" script exists
2023 Jun 10
1
Question About Dynamic Remote Forwarding
On Fri, 9 Jun 2023, Chris Rapier wrote:
> Hi all,
>
> When a client requests dynamic remote forwarding with -R it delays forking
> into the background. In ssh.c we see
>
> if (options.fork_after_authentication) {
> if (options.exit_on_forward_failure &&
> options.num_remote_forwards > 0) {
> debug("deferring postauth fork until
2024 May 21
2
[Bug 3692] New: rekey.sh doesn't actually test different algorithms
...Hardware: Other
OS: Linux
Status: NEW
Severity: enhancement
Priority: P5
Component: Regression tests
Assignee: unassigned-bugs at mindrot.org
Reporter: nreilly at blackberry.com
In rekey.sh there is a function ssh_data_rekeying(). It sets the first
parameter as _kexopt but then 2 lines later tests _kexopts - note the
trailing "s":
ssh_data_rekeying()
{
_kexopt=$1 ; shift
_opts="$@"
if ! test -z "$_kexopts" ; then
cp $OBJ/sshd_proxy_bak $OBJ/sshd_proxy...
2018 Nov 13
12
[Bug 2929] New: OpenSSH server should not send the SSH_MSG_EXT_INFO message after rekeying
https://bugzilla.mindrot.org/show_bug.cgi?id=2929
Bug ID: 2929
Summary: OpenSSH server should not send the SSH_MSG_EXT_INFO
message after rekeying
Product: Portable OpenSSH
Version: 7.7p1
Hardware: Other
OS: Linux
Status: NEW
Severity: enhancement
Priority: P5
Component: sshd
Assignee: unassigned-bugs at mindrot.org
Reporter: jjelen at...
2023 Mar 29
1
ChaCha20 Rekey Frequency
Hi Damien,
>This is what I'm playing with at the moment:
if you?re playing with this currently anyway, shouldn?t?
>+ /*
>+ * Otherwise, use the RFC4344 s3.2 recommendation of 2**(L/4) blocks
>+ * before rekeying where L is the blocksize in bits.
>+ * Most other ciphers have a 128 bit blocksize, so this equates to
>+ * 2**32 blocks / 64GB data.
>+ */
>+ return (uint64_t)1 << (c->block_size * 2);
? this get an upper bound? This is UB for 256-bit blocksizes
at least?
bye,
//mirabilos...
2011 Nov 08
1
Rekeying value denoting NA
I'm trying to rekey values which denote there is no values, i.e.,
'-999' in a dataset which contains both '-999' and NA entries.
When I try the following command I get the following error:
> data.frame[data.frame$MAR <= -99999,"MAR"] <- NA
"missing values are not allowed in subscripted assignments of data
frames"
Example of data:
YEAR JAN
2004 Jan 07
0
rekeying problem between isakmpd and cisco 7000
Hi,
I have a rekeying problem between FreeBSD4.9 (running isakmpd) and a Cisco
7000 box. The rekeying time of these two are not same, so even they new SAs
are created on isakmpd side, the tunnel doesn't work at all. On isakmpd
side, I know it creates new SA when SA life time passes 90%. But I don't
know when Cis...