search for: rekey

Using OpenSSL, is there a preferred/recommended rate of rekeying an encrypted stream of data? Does OpenSSL handle this for developers behind the scenes? Does it even need to be rekeyed? Thanks in advance. -sc -- Sean Chittenden -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signatu...

I'm wondering why the ChaCha20 cipher rekeys so frequently. At speed I'm seeing rekeys every second or two. So I'm spending a large amount of time in the rekey process. From what I've read about ChaCha20 it shouldn't need to be rekeyed quite so frequently. Am I missing something obvious? Just curious more than anything e...

Dear all, while playing around with openssh-4.1p1 (trying to add AFS token forwarding in SSH-2), I noticed that agressive rekeying (as e.g. employed by regress/rekey.sh, rekeying every 16bytes) seems to disturb the various forwardings (X11, agent) set up at the beginning of the session. These do not trigger regression test errors, since the client does not ask for confirmation from the server for these commands (except for...

Hi, I am using OpenSSH_5.2p1. It seems ssh server doesn't support key regeneration after a specified amount of time. I manually verified the OpenSSH_5.2p1 and OpenSSH-6.2 source codes and haven?t found any code support for session rekeying in both releases. SSH2 supports session rekeying using the parameter ?RekeyIntervalSeconds? with default value 3600 seconds (one hour) in both ssh2_config and sshd2_config files. I haven?t found similar parameter in both releases OpenSSH_5.2p1 and openssh-6.2 configuration files. Does openS...

...function): if (strstr(enc->name, "chacha")) *max_blocks = (u_int64_t)1 << (16*2); else if (enc->block_size >= 16) *max_blocks = (u_int64_t)1 << (enc->block_size*2); else *max_blocks = ((u_int64_t)1 << 30) / enc->block_size; if (state->rekey_limit) to force it to reduce the rekey rate but I'm deeply unsure of what impact that would have on the security of the cipher as it's implemented. Especially the without-openssl internal implementation. Chris On 3/24/23 4:36 PM, Christian Weisgerber wrote: > Chris Rapier: > &gt...

I plan to use ssh as the secure transport of a VPN. (Yes I know there are other solutions but...) These tunnels may be up for a long time, days or weeks, and escape characters will be turned off because I'll be passing binary data so I can't force a rekey with that method. Since the ssh spec says one should rekey every hour, I plan to patch the ssh client to implement an auto-rekey option. Do any of the security/cipher gurus have any problem with automatically rekeying the connection at a specific interval. For simplicity's sake I just plan t...

https://bugzilla.mindrot.org/show_bug.cgi?id=2521 Bug ID: 2521 Summary: subtract buffer size from computed rekey limit to avoid exceeding it Product: Portable OpenSSH Version: 6.8p1 Hardware: amd64 OS: Linux Status: NEW Severity: minor Priority: P5 Component: sshd Assignee: unassigned-bugs at...

I'm hardly an expert on this, but if I remember correctly, the rekey rate for good security is mostly dependent on the cipher block size. I left my reference books at home; so, I can't come up with a reference for you, but I would take Chris' "I'm deeply unsure of what impact that would have on the security of the cipher" comment seriously and...

...gt;name, "chacha")) > *max_blocks = (u_int64_t)1 << (16*2); > else if (enc->block_size >= 16) > *max_blocks = (u_int64_t)1 << (enc->block_size*2); > else > *max_blocks = ((u_int64_t)1 << 30) / enc->block_size; > if (state->rekey_limit) > > to force it to reduce the rekey rate but I'm deeply unsure of what impact that > would have on the security of the cipher as it's implemented. Especially the > without-openssl internal implementation. This is what I'm playing with at the moment: diff --git a/ci...

That's true for block ciphers, but ChaCha20+poly1305 is a stream cipher. On Wed, 29 Mar 2023, Robinson, Herbie wrote: > > I?m hardly an expert on this, but if I remember correctly, the rekey rate > for good security is mostly dependent on the cipher block size.? I left my > reference books at home; so, I can?t come up with a reference for you, but I > would take Chris? ?I'm deeply unsure of what impact that would have on the > security of the cipher? comment seriously a...

https://bugzilla.mindrot.org/show_bug.cgi?id=3524 Bug ID: 3524 Summary: Rekey interval timeout not working when no package is being transfered Product: Portable OpenSSH Version: 8.9p1 Hardware: Other OS: Linux Status: NEW Severity: normal Priority: P5 Component: sshd...

...tls-ssh-00.txt from Jun 13, 1996), the client or server can send a SSH_MSG_KEXINIT at any time to force a new key exchange. I looked through the code for OpenSSH and ssh-1.2.27 and can't find where it does this. I then searched the Secure Shell mailing list archives and saw some comments that rekeying will be implemented in Ver 2. Did I miss the code in OpenSSH? Are there any ver. 1 implementations that provide rekeying? The draft also says that the session key is broken up to provide different encryption keys and iv's, but the code seems to use the same keys for both directions and...

...Miller <djm at mindrot.org> Sent: Wednesday, March 29, 2023 3:08 PM To: Robinson, Herbie <Herbie.Robinson at stratus.com> Cc: Chris Rapier <rapier at psc.edu>; Christian Weisgerber <naddy at mips.inka.de>; openssh-unix-dev at mindrot.org Subject: RE: [EXTERNAL] Re: ChaCha20 Rekey Frequency [EXTERNAL SENDER: This email originated from outside of Stratus Technologies. Do not click links or open attachments unless you recognize the sender and know the content is safe.] That's true for block ciphers, but ChaCha20+poly1305 is a stream cipher. On Wed, 29 Mar 2023, Robinson...

> Portable OpenSSH is also available via [...] Github: https://github.com/openssh/openssh-portable > > Running the regression tests supplied with Portable OpenSSH does not require installation and is a simply: > > $ ./configure && make tests I was going to try this on Kali Linux (latest version), but ran into trouble right away. No "configure" script exists

...is correctly the client sends out a number of forward > requests which is tracked via forward_confirms_pending in ssh.c. > > Is there any equivalent on the server side to track the number of received > requests? > > I ask because I'm trying, for various reasons, to trigger a rekey on the > server side *after* the client forks in a dynamic remote forward scenario. I > know that the server can't actually know for certain if the client has or > hasn't forked but if I could track the number of confirmations the server has > sent I can use that as a reasonable...

https://bugzilla.mindrot.org/show_bug.cgi?id=3692 Bug ID: 3692 Summary: rekey.sh doesn't actually test different algorithms Product: Portable OpenSSH Version: 9.7p1 Hardware: Other OS: Linux Status: NEW Severity: enhancement Priority: P5 Component: Regression tests Assignee...

https://bugzilla.mindrot.org/show_bug.cgi?id=2929 Bug ID: 2929 Summary: OpenSSH server should not send the SSH_MSG_EXT_INFO message after rekeying Product: Portable OpenSSH Version: 7.7p1 Hardware: Other OS: Linux Status: NEW Severity: enhancement Priority: P5 Component: sshd Assignee: unassigned-bugs at mindrot.org Reporter: jjelen...

Hi Damien, >This is what I'm playing with at the moment: if you?re playing with this currently anyway, shouldn?t? >+ /* >+ * Otherwise, use the RFC4344 s3.2 recommendation of 2**(L/4) blocks >+ * before rekeying where L is the blocksize in bits. >+ * Most other ciphers have a 128 bit blocksize, so this equates to >+ * 2**32 blocks / 64GB data. >+ */ >+ return (uint64_t)1 << (c->block_size * 2); ? this get an upper bound? This is UB for 256-bit blocksizes at least? bye, //mirabi...

I'm trying to rekey values which denote there is no values, i.e., '-999' in a dataset which contains both '-999' and NA entries. When I try the following command I get the following error: > data.frame[data.frame$MAR <= -99999,"MAR"] <- NA "missing values are not allowed in su...

Hi, I have a rekeying problem between FreeBSD4.9 (running isakmpd) and a Cisco 7000 box. The rekeying time of these two are not same, so even they new SAs are created on isakmpd side, the tunnel doesn't work at all. On isakmpd side, I know it creates new SA when SA life time passes 90%. But I don't know when...