openssh bugs - Jul 2007 - [Bug 1340] New: Support for Camellia block cipher to OpenSSH-portable.

http://bugzilla.mindrot.org/show_bug.cgi?id=1340

           Summary: Support for Camellia block cipher to OpenSSH-portable.
           Product: Portable OpenSSH
           Version: -current
          Platform: All
        OS/Version: All
            Status: NEW
          Severity: enhancement
          Priority: P2
         Component: Miscellaneous
        AssignedTo: bitbucket at mindrot.org
        ReportedBy: yanagisawa at csg.is.titech.ac.jp


Created an attachment (id=1327)
 --> (http://bugzilla.mindrot.org/attachment.cgi?id=1327)
A patch for supporting Camellia to OpenSSH-portable.

I would like to add support for the Camellia block cipher to
OpenSSH-portable.  Camellia is one of the selected block cipher by New
European Schemes for Signature, Integrity, and Encryption (NESSIE) and
specified in several RFCs.  The details for Camellia are in:
http://info.isl.ntt.co.jp/crypt/eng/camellia/index.html

I made a patch for current OpenSSH-portable.  I have already tested it
on FreeBSD 6.2R i386 and amd64 with OpenSSL 0.9.8e.  Since the patch
uses an encryption engine for Camellia in OpenSSL library, the patch
needs OpenSSL whose version is greater than or equals to 0.9.8c with
Camellia enabled.

Will you review it?
Thank you in advance.


-- 
Configure bugmail: http://bugzilla.mindrot.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are watching the assignee of the bug.

https://bugzilla.mindrot.org/show_bug.cgi?id=1340


KATO Akihiro <akato at po.ntts.co.jp> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |akato at po.ntts.co.jp




--- Comment #1 from KATO Akihiro <akato at po.ntts.co.jp>  2007-11-30
15:50:18 ---
This issue has postponed about four months. I want this issue to get 
next step, This patch is very simple and seems to have no problems.

-- 
Configure bugmail: https://bugzilla.mindrot.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are watching the assignee of the bug.

https://bugzilla.mindrot.org/show_bug.cgi?id=1340


Darren Tucker <dtucker at zip.com.au> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |dtucker at zip.com.au




--- Comment #2 from Darren Tucker <dtucker at zip.com.au>  2007-11-30
20:31:28 ---
What is the reason another cipher is needed?  Is it faster or stronger
than the existing ciphers?  What advantage does it provide to offset
the risk of additional code (which is exposed to unauthenticated
users)?

Regarding the patch itself:

 * it makes the camellia cipher mandatory for the software to build.  A
considerable effort has been made to make openssh work with older
versions of the openssl library and this is negated by making camellia
mandatory.

 * you use the standard namespace for the cipher, and the cipher is not
listed in either RFC4253 or RFC4344.  Non-standard ciphers must use the
vendor extension mechanism (ie ciphername at yourdomain.com).

-- 
Configure bugmail: https://bugzilla.mindrot.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are watching the assignee of the bug.
You are watching someone on the CC list of the bug.

https://bugzilla.mindrot.org/show_bug.cgi?id=1340





--- Comment #3 from Yoshisato YANAGISAWA <yanagisawa at
csg.is.titech.ac.jp>  2007-12-02 20:17:57 ---
The reason I implemented the patch is that Camellia is stronger than
AES if they are compared with a security margin.  I saw someone saying
Camellia is much faster than AES.  I should also say Camellia is
becoming familiar in FLOSS community; e.g. Linux, FreeBSD, GnuPG, and
so on.
It is true that implementing new cipher has a risk, but having an
alternate 128-bit block cipher for AES will reduce a risk in the
future.

According to Darren's suggestion, I will update my patch in a week.  I
will use #ifdef to enable users to disable Camellia.  I will change the
name from camellia128-cbc to camellia128-cbc at openssh.com.

-- 
Configure bugmail: https://bugzilla.mindrot.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are watching the assignee of the bug.
You are watching someone on the CC list of the bug.

https://bugzilla.mindrot.org/show_bug.cgi?id=1340


Yoshisato YANAGISAWA <yanagisawa at csg.is.titech.ac.jp> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
Attachment #1327 is|0                           |1
           obsolete|                            |




--- Comment #4 from Yoshisato YANAGISAWA <yanagisawa at
csg.is.titech.ac.jp>  2007-12-10 20:41:46 ---
Created an attachment (id=1392)
 --> (http://bugzilla.mindrot.org/attachment.cgi?id=1392)
Update of the previeous patch.

I updated the patch not to force the users to use the Camellia block
cipher.  I removed some descriptions about camellia from the manual
pages and the list of default ciphers.  I changed names of ciphers.

-- 
Configure bugmail: https://bugzilla.mindrot.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are watching the assignee of the bug.
You are watching someone on the CC list of the bug.

https://bugzilla.mindrot.org/show_bug.cgi?id=1340





--- Comment #5 from KATO Akihiro <akato at po.ntts.co.jp>  2007-12-12
16:35:51 ---
I'm approaching to get standard name space in SSH specification in
IETF. 

I was asking to IANA help desk at last IETF in Vancouver and will make
consensus in IETF. When this approach is finished standard name related
to Camellia will appear in IANA SSH registry,
http://www.iana.org/assignments/ssh-parameters, 
Encryption Algorithm Names.

IETF policy are rough consensus and running code. For policy of running
code, this patch is useful. OpenSSH developers, can you take in and
test this code?

-- 
Configure bugmail: https://bugzilla.mindrot.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are watching the assignee of the bug.
You are watching someone on the CC list of the bug.

https://bugzilla.mindrot.org/show_bug.cgi?id=1340





--- Comment #6 from Yoshisato YANAGISAWA <yanagisawa at
csg.is.titech.ac.jp>  2007-12-13 22:41:59 ---
Created an attachment (id=1397)
 --> (http://bugzilla.mindrot.org/attachment.cgi?id=1397)
Camellia patch with CTR mode.

I also implemented CTR mode for Camellia based on CTR mode for AES. 
Since this patch has patch #1392 inside, the patch and patch #1392 can
not be used at the same time.  I have compiled openssh in both with and
without camellia, and no problem found.
Will some one kindly review either of my patch?
Thank you in advance.

-- 
Configure bugmail: https://bugzilla.mindrot.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are watching the assignee of the bug.
You are watching someone on the CC list of the bug.

https://bugzilla.mindrot.org/show_bug.cgi?id=1340


Yoshisato YANAGISAWA <yanagisawa at csg.is.titech.ac.jp> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
   Attachment #1392|0                           |1
        is obsolete|                            |
   Attachment #1397|0                           |1
        is obsolete|                            |




--- Comment #7 from Yoshisato YANAGISAWA <yanagisawa at
csg.is.titech.ac.jp>  2009-05-23 13:59:48 ---
Created an attachment (id=1640)
 --> (http://bugzilla.mindrot.org/attachment.cgi?id=1640)
Update of past patches to follow current CVS tree.

Since CBC mode flag is added to struct Cipher in cipher.c, old patches
cannot be used.  This submission is just update of those old patches.

-- 
Configure bugmail: https://bugzilla.mindrot.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are watching the assignee of the bug.
You are watching someone on the CC list of the bug.

https://bugzilla.mindrot.org/show_bug.cgi?id=1340

--- Comment #8 from Yoshisato YANAGISAWA <yanagisawa at
csg.is.titech.ac.jp>  ---
Created attachment 1878
  --> https://bugzilla.mindrot.org/attachment.cgi?id=1878
A patch to enable Camellia support of OpenBSD's OpenSSL.

-- 
Configure bugmail: https://bugzilla.mindrot.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are watching the assignee of the bug.
You are watching someone on the CC list of the bug.

https://bugzilla.mindrot.org/show_bug.cgi?id=1340

--- Comment #9 from Yoshisato YANAGISAWA <yanagisawa at
csg.is.titech.ac.jp>  ---
Created attachment 1879
  --> https://bugzilla.mindrot.org/attachment.cgi?id=1879
A patch to enable Camellia support of OpenBSD's OpenSSH.

-- 
Configure bugmail: https://bugzilla.mindrot.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are watching the assignee of the bug.
You are watching someone on the CC list of the bug.

https://bugzilla.mindrot.org/show_bug.cgi?id=1340

Yoshisato YANAGISAWA <yanagisawa at csg.is.titech.ac.jp> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
   Attachment #1640|0                           |1
        is obsolete|                            |

--- Comment #10 from Yoshisato YANAGISAWA <yanagisawa at
csg.is.titech.ac.jp>  ---
Created attachment 1902
  --> https://bugzilla.mindrot.org/attachment.cgi?id=1902
Update of Camellia patch because of draft-kanno-secsh-camellia-01

Submitted code is updated to support the methods written in the
following draft:
http://tools.ietf.org/id/draft-kanno-secsh-camellia-01.txt

-- 
Configure bugmail: https://bugzilla.mindrot.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are watching the assignee of the bug.
You are watching someone on the CC list of the bug.