Displaying 2 results from an estimated 2 matches for "etmv2".
Did you mean:
etm2
2023 Dec 20
1
Discussion: new terrapin resisting ciphers and macs (alternative to strict-kex) and -ctr mode question.
...f a new mechanism for ciphers/macs can be introduced and is reliable
by simple both sides using it.
So there could be a Chacha20-Poly1305v2 at openssh.com which uses AD data to chain the
messages together, so it will be resistant against terrapin even without the strict-kex.
Consequently the hmac-etmv2 at openssh.com mode could be deviced in a similar manner, to
also include the transcript hash or similar things.
The impact of removing the only "alternative" cipher cc20p1305 because of terrapin hardening as well
as falling back to the old eam-macs is really bad for ssh best practice. A...
2023 Dec 20
1
Discussion: new terrapin resisting ciphers and macs (alternative to strict-kex) and -ctr mode question.
Hi there,
> So there could be a Chacha20-Poly1305v2 at openssh.com which uses AD data to chain the
> messages together, so it will be resistant against terrapin even without the strict-kex.
>
> Consequently the hmac-etmv2 at openssh.com mode could be deviced in a similar manner, to
> also include the transcript hash or similar things.
This would still require both, client and server, to receive an update
to support these new algorithms. So I wonder what would be the benefit
of having those over strict key excha...