Re: AEAD in ssh

To: Niels Möller <nisse%lysator.liu.se@localhost>
Subject: Re: AEAD in ssh
From: "Mark D. Baushke" <mdb%juniper.net@localhost>
Date: Mon, 1 Feb 2016 23:20:57 -0800

Hi Niels & denis,

> 1. How to negotiate use of AEAD. 

Rather than "n/a" as the atom, why not "AEAD" or "aead" so we are clear
about the intent? That said, I am fine with ignoring the Mac if the
'Cipher' is an AEAD like the OpenSSH folks do if that is helpful.

Technically, aren't both AES-GCM and ChaCha20-Poly1305 considered to be
Authenticated Encryption with Associated Data (AEAD) rather than being
either a Mac or a Cipher directly?

> 3. If and how to encrypt the length field. 

+1 on encrypting the length field.

fwiw: I agree on the overall direction you have written.

	-- Mark

Follow-Ups:
- Re: AEAD in ssh
  - From: Niels Möller

References:
- Re: suggestion for new ssh maintenance wg
  - From: denis bider
- AEAD in ssh
  - From: Niels Möller

Prev by Date: AEAD in ssh
Next by Date: Re: AEAD in ssh
Previous by Thread: AEAD in ssh
Next by Thread: Re: AEAD in ssh
Indexes:

Home | Main Index | Thread Index | Old Index