3des cipher and DH group size

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

 



Petr Lautrbach <plautrba <at> redhat.com> writes:
> 
> It was confirmed that openssh can't connect to the server with a server
> string 'SSH-2.0-cryptlib' using diffie-hellman-group-exchange-sha1 and
> 3des-cbc with SSH2_MSG_KEX_DH_GEX_REQUEST(1024<7680<8192).
> 
> It's due to a issue in its code [1] which takes only requested value and
> is limited only to 4096 bits.

Setting aside 3DES's effective crypto strength and NIST guidelines, it's
unfortunate cryptlib-based SSH servers don't follow RFC4419
recommendations:

   "The server should return the smallest group it knows that is larger
   than the size the client requested.  If the server does not know a
   group that is larger than the client request, then it SHOULD return
   the largest group it knows.  In all cases, the size of the returned
   group SHOULD be at least 1024 bits."

Have you asked them what exceptional circumstances (cf. RFC2119) justify
the deviation?

--mancha



[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux