Displaying 2 results from an estimated 2 matches for "cc20p1305".
2023 Dec 20
1
Discussion: new terrapin resisting ciphers and macs (alternative to strict-kex) and -ctr mode question.
...the
messages together, so it will be resistant against terrapin even without the strict-kex.
Consequently the hmac-etmv2 at openssh.com mode could be deviced in a similar manner, to
also include the transcript hash or similar things.
The impact of removing the only "alternative" cipher cc20p1305 because of terrapin hardening as well
as falling back to the old eam-macs is really bad for ssh best practice. And while "enforce strict-key"
could gain some of the trust back, the attack also shows, that those constructs are just very fragile.
And while a redesign of the protocol might...
2023 Dec 20
1
Discussion: new terrapin resisting ciphers and macs (alternative to strict-kex) and -ctr mode question.
...so it will be resistant against terrapin even without the strict-kex.
>
> Consequently the hmac-etmv2 at openssh.com mode could be deviced in a similar manner, to
> also include the transcript hash or similar things.
>
> The impact of removing the only "alternative" cipher cc20p1305 because of terrapin hardening as well
> as falling back to the old eam-macs is really bad for ssh best practice. And while "enforce strict-key"
> could gain some of the trust back, the attack also shows, that those constructs are just very fragile.
>
> And while a redesign of...