From john.mattsson@ericsson.com  Wed Dec 20 02:36:34 2023
Return-Path: <john.mattsson@ericsson.com>
X-Original-To: curdle@ietfa.amsl.com
Delivered-To: curdle@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1])
 by ietfa.amsl.com (Postfix) with ESMTP id 76D15C14F5FE;
 Wed, 20 Dec 2023 02:36:34 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -7.109
X-Spam-Level: 
X-Spam-Status: No, score=-7.109 tagged_above=-999 required=5
 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001, DKIM_SIGNED=0.1,
 DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1,
 HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-5, RCVD_IN_MSPIKE_H2=-0.001,
 RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_PASS=-0.001,
 T_SCC_BODY_TEXT_LINE=-0.01, URIBL_DBL_BLOCKED_OPENDNS=0.001,
 URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key)
 header.d=ericsson.com
Received: from mail.ietf.org ([50.223.129.194])
 by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024)
 with ESMTP id yxrSRWK1j_m7; Wed, 20 Dec 2023 02:36:30 -0800 (PST)
Received: from EUR04-VI1-obe.outbound.protection.outlook.com
 (mail-vi1eur04on2085.outbound.protection.outlook.com [40.107.8.85])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
 (No client certificate requested)
 by ietfa.amsl.com (Postfix) with ESMTPS id 0013EC14F5FB;
 Wed, 20 Dec 2023 02:36:29 -0800 (PST)
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none;
 b=k4yfsDw8EtrKdEELjd3K7/wnUh3+lsGOWy0gU21sKdnDI+mMehokYM6lu9UyxCS3dEyCpCVplxT+Mt8EW4hmNv5zfuUYbJe/eQOo5nNsk98hM6FxwwsaKNpDQpNXWxIo51Fk8Uv1N5d7aa6Ejr4Jhhx56jE2Z/LjQQN4SlGOHZTVyklJkL+3PBT8QhbFXNPn9NbSoFojWKDN/kFKIIdu2f9T8tLEjqxVVea0dj4rPE5RD1R/eGKZzuvEHbMIwoOo0cHCME7kXy3LMJYV263U7m9zwTHfoHHRbnjvKDEwSSi6TYtsmLTWy/8+DQ5XCoRvcIrNcy/xfk8lDelABd/8Lg==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; 
 s=arcselector9901;
 h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1;
 bh=aiHreLrL2MhGdJ5L3nt/eCJ10P0o7ykvRIScDDZOWNo=;
 b=Dtvqp8pKlDVxKv4j+JAV5AZ/1W4yI2/cqhJKuQ2Ca4BIYr68rT1TQ9fcv/BiRZgBBYGRyNNzKdVrM4vvC1KxXajx2yewBMoZ9wAGqacpcCYralKZyeM+qozjtG3eOL4uG86KprRYRojpOWCP5i0aPO2dZOsqCyW20+Q0Sp1IH0pMTb1bSa875DtqeCbuut+Ig2j7J2cc4LdzYiR6/tKKQNZK6ZlU5ggXn34dtSqHwmBD0SgqFmYTc5JlGPOLTLqpUEbIKfPWjQ3zXdb7d7mSJiYip3xz0fkfh9ZadzftMnvqMoApSl+IZc/92uqhXILNtKfgaf2TsEU5fHQkShPteQ==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass
 smtp.mailfrom=ericsson.com; dmarc=pass action=none header.from=ericsson.com;
 dkim=pass header.d=ericsson.com; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ericsson.com;
 s=selector1;
 h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck;
 bh=aiHreLrL2MhGdJ5L3nt/eCJ10P0o7ykvRIScDDZOWNo=;
 b=quQkZ/wM5mGmPabs7T7AbNgSbEyZdWmCqPPkMkfBgkfAClXfGexrGowS9oTM5901HinzhkG11pJw5141B4CjSr3uqXhQ5cnx/DNPCDA3lmjpbcF6CaZ8UH9zZTJhF7ZqG5PezDjAyXGU6/T5pF66Vp+2VMKNvCulmfPczyNqJ9VNjKtrSmgpD0LVKuoO6wQDztTibE4hW3QsuMyVu8+mhYVNfNX0mmI0HfPfbovIc154ldvtNpJHGVOEAHiXJfxMYYqd9myFq7pE99iqfZZTnLdK+WfgPZxGP54qTPYa7lZU3LzEh8OR5FMQba8MCcfxo+YyPPsEhWaw1q4K2d+0TA==
Received: from GVXPR07MB9678.eurprd07.prod.outlook.com (2603:10a6:150:114::10)
 by GVXPR07MB9773.eurprd07.prod.outlook.com (2603:10a6:150:115::17)
 with Microsoft SMTP Server (version=TLS1_2,
 cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.7091.38; Wed, 20 Dec
 2023 10:36:26 +0000
Received: from GVXPR07MB9678.eurprd07.prod.outlook.com
 ([fe80::5b7e:93e:145a:7cbb]) by GVXPR07MB9678.eurprd07.prod.outlook.com
 ([fe80::5b7e:93e:145a:7cbb%2]) with mapi id 15.20.7091.034; Wed, 20 Dec 2023
 10:36:26 +0000
From: John Mattsson <john.mattsson@ericsson.com>
To: saag <saag@ietf.org>, "curdle@ietf.org" <curdle@ietf.org>
Thread-Topic: Time for SSH3?
Thread-Index: AQHaMy5mbhsuFmqslEGvkPxSGLInyA==
Date: Wed, 20 Dec 2023 10:36:26 +0000
Message-ID: <GVXPR07MB96789816DE49A02D46AC25628996A@GVXPR07MB9678.eurprd07.prod.outlook.com>
Accept-Language: en-US
Content-Language: en-GB
X-MS-Has-Attach: 
X-MS-TNEF-Correlator: 
authentication-results: dkim=none (message not signed)
 header.d=none;dmarc=none action=none header.from=ericsson.com;
x-ms-publictraffictype: Email
x-ms-traffictypediagnostic: GVXPR07MB9678:EE_|GVXPR07MB9773:EE_
x-ms-office365-filtering-correlation-id: 98dd3a02-faf6-44c2-b3f4-08dc014784c4
x-ms-exchange-senderadcheck: 1
x-ms-exchange-antispam-relay: 0
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info: dUU2/A4zHObRGqg/3uYt6HrbRLlUFUxFes5F+OrA6qri8eFTaK0yUG1jaE9FugH37c/Fy8XmV/zQS9nzvDZiRH8AoyMKNMyp7ihk92+5GOzDw+ycHYlBpfmoqb0PMPmYDnB+KL74i4jytMLsRb1vkimMKXrlMy2efwR4nf/EvEUZOGbK2qyBQi69zO53QPYras6VyjtBrReG7hgpQyUI6ZwLGVbe+WnUmaZ38eYNA+Y0kRJORi7zVh8hpnN1dmhG7QB0bOUhwK6J9UVCb9Q9cvpjyd6pMt9F40U6kAzhagzbekpwha13kpYPqiCW6FQ7RO0jz6l3pwkAp3yBGJyINBBCrIFpe1AuyUyWB+wYiUhxponB2K9EHG3jbVQSRCWEbRzRE8spJHFDHYnluBZBLpULAuh6F0ZqPF3b6slkhCt9K4OG8ux4+ocDaHo3ua0ApVHvPWxr+urD64TBcRdhhjnPfA+EWrVVyR9UCU1eLISCuip5h0tyXXYJz0ktEp2Qvusom1f0iglV+5tXdzKz/m8/QN6fiamGlwY/HY9o52qpt9VmQm97Y+eu5Ie/WRbOOeDoiZfrwPF45C/1zJ7cIhWrx62RXULq5AFZ8+eZafNEMInWiqtGkeW5RkzJmnwTcH8orLqHBB3ZC9TnQ55wrA==
x-forefront-antispam-report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:;
 IPV:NLI; SFV:NSPM; H:GVXPR07MB9678.eurprd07.prod.outlook.com; PTR:; CAT:NONE;
 SFS:(13230031)(396003)(376002)(136003)(346002)(39860400002)(366004)(230922051799003)(64100799003)(1800799012)(451199024)(186009)(166002)(55016003)(82960400001)(38100700002)(122000001)(9686003)(66476007)(76116006)(64756008)(66946007)(66556008)(110136005)(33656002)(966005)(66446008)(316002)(8676002)(8936002)(44832011)(71200400001)(83380400001)(2906002)(52536014)(7116003)(450100002)(7696005)(4744005)(6506007)(38070700009)(26005)(478600001)(5660300002)(86362001)(41300700001);
 DIR:OUT; SFP:1101; 
x-ms-exchange-antispam-messagedata-chunkcount: 1
x-ms-exchange-antispam-messagedata-0: =?Windows-1252?Q?Qhs3Pzf5m+Y2OIStwTZZMromxnlpiPyHg2jnfpRlsUh9KCAlZme9R3gt?=
 =?Windows-1252?Q?vu+dMcli254yzKX30Q21HpaV7TzbuN0Vy8BkiSi9ucWldZx/LXYB1iWr?=
 =?Windows-1252?Q?wD2MP42NeXHkIq4jEGdSK9Xz35nizjBgJ4QGPZtQmc99js/w9L+7oYsm?=
 =?Windows-1252?Q?J7wIa9EziQLaiCB0IVLpFX+uaPEkQLJnBisZWOAz8PLAklBsKmvvR92H?=
 =?Windows-1252?Q?7WM26tunjvpW3NQbQxTIrwJvIRZLAODJ2vW+/cNjUHRNSfyzF595M+oo?=
 =?Windows-1252?Q?q81w2KI1hj/PRlh7S3wBj0ong6AisuNY5CwEfYeMkxcrDnL3PZ0l1YYq?=
 =?Windows-1252?Q?g7wnEmkciBV5h+veydcYRFKbIJ1/VcJEM7AEh35Jgkv9eDeYCWcAJJIb?=
 =?Windows-1252?Q?Qt03q2tVe6AyuY+vG9LB5vNtGR3jbQR30lqYUn5QJBLwegXQ/rTEcqLS?=
 =?Windows-1252?Q?xcMjWvOUtQ581YkvfrWG+/uVzY78NZLgrVfHjXxS2dFpdlS/IgoANZWT?=
 =?Windows-1252?Q?nkoVQ04ZxFR3AFDscwTKu9IfZ2ibQVTZyh3LRknHgMMNlxu9urKOHeME?=
 =?Windows-1252?Q?ZRG3qor0odR0M32o0kaagcprCkyA5uxkdgvJYWg+extA9b6JqNDg/M/t?=
 =?Windows-1252?Q?e+d1N8uHMQLxF2YljnetmVM3lFIFBdk9l5jmcAYlLKSyCVpTXhpBwDTb?=
 =?Windows-1252?Q?NwXoZvgUBHTlENA3Ggok/zJ8G8omqzvzP2I8QzSMoymbP64QH9SBYdiT?=
 =?Windows-1252?Q?wO/F92zpJOI4xT0N2ptOmd5ksQOFGU8aJlxC9VOxU1DYbLuGEp/W5FAL?=
 =?Windows-1252?Q?ygyhCPqZ0GbUizEkTkdsDoNGlrxb1m2epvryEtJKMV+8UqsPq3GEGsyr?=
 =?Windows-1252?Q?r6DJUoTdp3xn/i+lt2YjxX2nSfhXzKf060NDpU8PFfXn1pkQ99R0oedD?=
 =?Windows-1252?Q?JMsCZuw/oMf1Ke4x2Gqys2a+oMqfgZQpAD1629akESeYL4yQh5LyhHgH?=
 =?Windows-1252?Q?0Y4x8CYUB9Z6moRj414QD/zbILWlZWHApacjUzhYSKKIODCMVnl/zPDr?=
 =?Windows-1252?Q?tCfVh7yqnPQbNxbMxfybGYz+nBpPQohH6YYCg1aMEpLo5DKNuxshMkth?=
 =?Windows-1252?Q?lZSzBfHPQtbS4LVZpWf5nlBC5p9cAWP3rJZPDVDnvJ4jWpf5hgkwNOFd?=
 =?Windows-1252?Q?NlcNMJGF11br+kvDq4iHSCOkRtOKEREwlbevFRwC02tJgJLyB0gxIIMh?=
 =?Windows-1252?Q?5mH1y04GJUbXrPvT/ptH2Y/EttF7H48Iqy8tAi0nZeo/kUfThNtNLaYN?=
 =?Windows-1252?Q?Seyah7pZMzdbu81SeV4YWJimuMCnafKYdEptvQJd6Qxbi1Xz1xpOMkDC?=
 =?Windows-1252?Q?iFYmQOrOZ/Qvl4U5wv6Gg6KeZjaSGagR55VwDAMH83i3J+nERwzJ0d55?=
 =?Windows-1252?Q?OuM1QkTZlc0vr66XbMXcQfu27dsJJfOOASGoFua23TPhKIeq2sf8GSsN?=
 =?Windows-1252?Q?8gtTN59sMwdQfdlhxDz0270ck8Uz0UUGte2gE6QMuyIUUHbtUfjmcuLZ?=
 =?Windows-1252?Q?4vvAQtRNtYqlf93FH9/iQAiytCtZIiTg6OLCzbpzIEHgU6xRr+GeBbzr?=
 =?Windows-1252?Q?WAX7ImZLR4pRncscycrhiiEeaCn3/odA37/MMI4iGjDu9q1Z7pOjtUUp?=
 =?Windows-1252?Q?Gpd/2/oN9pWUJeYuSRfa5E5l2QxjXYNUlIkNK7pDNdAkm0e2319ol0OV?=
 =?Windows-1252?Q?6M4RQia9xpnoTHm8ZfE=3D?=
Content-Type: multipart/alternative;
 boundary="_000_GVXPR07MB96789816DE49A02D46AC25628996AGVXPR07MB9678eurp_"
MIME-Version: 1.0
X-OriginatorOrg: ericsson.com
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-AuthSource: GVXPR07MB9678.eurprd07.prod.outlook.com
X-MS-Exchange-CrossTenant-Network-Message-Id: 98dd3a02-faf6-44c2-b3f4-08dc014784c4
X-MS-Exchange-CrossTenant-originalarrivaltime: 20 Dec 2023 10:36:26.0993 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 92e84ceb-fbfd-47ab-be52-080c6b87953f
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: D3/k1xjDZlMPYnONwz23VAQcaEKOANBbm4HWYLo+lA1t4gL5bSy1hx7JCTwvaWNZE75PgiNvSPtOsuSkBzrdgqe2Qq5nOjg2ATDGZxlUl2k=
X-MS-Exchange-Transport-CrossTenantHeadersStamped: GVXPR07MB9773
Archived-At: <https://mailarchive.ietf.org/arch/msg/curdle/DchJS_7DgvrXsuRzSItL7Rp85w8>
Subject: [Curdle] Time for SSH3?
X-BeenThere: curdle@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: "List for discussion of potential new security area wg."
 <curdle.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/curdle>,
 <mailto:curdle-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/curdle/>
List-Post: <mailto:curdle@ietf.org>
List-Help: <mailto:curdle-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/curdle>,
 <mailto:curdle-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 20 Dec 2023 10:36:34 -0000

--_000_GVXPR07MB96789816DE49A02D46AC25628996AGVXPR07MB9678eurp_
Content-Type: text/plain; charset="Windows-1252"
Content-Transfer-Encoding: quoted-printable

Hi,

SSH was just hit by a major vulnerability. The reasons are that SSH just li=
ke SSL 2.0 =96 TLS 1.2 is built on a very shaky ground. The TLS WG conclude=
d that it was not enough to patch the old TLS and instead decided for the c=
ompletely redesigned TLS 1.3 built on the theoretical foundation of the SIG=
MA-I protocol. I think everybody agrees this was the right decision.

https://arstechnica.com/security/2023/12/hackers-can-break-ssh-channel-inte=
grity-using-novel-data-corruption-attack/

I strongly think the right future for SSH is to not do more patching and in=
stead move to SSH3 build on top of QUIC. One such proposal was recently pub=
lished on arXiv.

https://arxiv.org/pdf/2312.08396.pdf

Cheers,
John Preu=DF Mattsson


--_000_GVXPR07MB96789816DE49A02D46AC25628996AGVXPR07MB9678eurp_
Content-Type: text/html; charset="Windows-1252"
Content-Transfer-Encoding: quoted-printable

<html xmlns:o=3D"urn:schemas-microsoft-com:office:office" xmlns:w=3D"urn:sc=
hemas-microsoft-com:office:word" xmlns:m=3D"http://schemas.microsoft.com/of=
fice/2004/12/omml" xmlns=3D"http://www.w3.org/TR/REC-html40">
<head>
<meta http-equiv=3D"Content-Type" content=3D"text/html; charset=3DWindows-1=
252">
<meta name=3D"Generator" content=3D"Microsoft Word 15 (filtered medium)">
<style><!--
/* Font Definitions */
@font-face
	{font-family:"Cambria Math";
	panose-1:2 4 5 3 5 4 6 3 2 4;}
@font-face
	{font-family:Calibri;
	panose-1:2 15 5 2 2 2 4 3 2 4;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
	{margin:0cm;
	font-size:11.0pt;
	font-family:"Calibri",sans-serif;
	mso-ligatures:standardcontextual;
	mso-fareast-language:EN-US;}
a:link, span.MsoHyperlink
	{mso-style-priority:99;
	color:#0563C1;
	text-decoration:underline;}
span.EmailStyle17
	{mso-style-type:personal-compose;
	font-family:"Calibri",sans-serif;
	color:windowtext;}
.MsoChpDefault
	{mso-style-type:export-only;
	font-family:"Calibri",sans-serif;
	mso-fareast-language:EN-US;}
@page WordSection1
	{size:612.0pt 792.0pt;
	margin:72.0pt 72.0pt 72.0pt 72.0pt;}
div.WordSection1
	{page:WordSection1;}
--></style>
</head>
<body lang=3D"en-SE" link=3D"#0563C1" vlink=3D"#954F72" style=3D"word-wrap:=
break-word">
<div class=3D"WordSection1">
<p class=3D"MsoNormal"><span lang=3D"EN-US">Hi,<o:p></o:p></span></p>
<p class=3D"MsoNormal"><span lang=3D"EN-US"><o:p>&nbsp;</o:p></span></p>
<p class=3D"MsoNormal"><span lang=3D"EN-US">SSH was just hit by a major vul=
nerability. The reasons are that SSH just like SSL 2.0 =96 TLS 1.2 is built=
 on a very shaky ground. The TLS WG concluded that it was not enough to pat=
ch the old TLS and instead decided for
 the completely redesigned TLS 1.3 built on the theoretical foundation of t=
he SIGMA-I protocol. I think everybody agrees this was the right decision.<=
/span><br>
<br>
<a href=3D"https://arstechnica.com/security/2023/12/hackers-can-break-ssh-c=
hannel-integrity-using-novel-data-corruption-attack/">https://arstechnica.c=
om/security/2023/12/hackers-can-break-ssh-channel-integrity-using-novel-dat=
a-corruption-attack/</a><o:p></o:p></p>
<p class=3D"MsoNormal"><o:p>&nbsp;</o:p></p>
<p class=3D"MsoNormal"><span lang=3D"EN-US">I strongly think the right futu=
re for SSH is to not do more patching and instead move to SSH3 build on top=
 of QUIC. One such proposal was recently published on arXiv.<o:p></o:p></sp=
an></p>
<p class=3D"MsoNormal"><span lang=3D"EN-US"><o:p>&nbsp;</o:p></span></p>
<p class=3D"MsoNormal"><a href=3D"https://arxiv.org/pdf/2312.08396.pdf">htt=
ps://arxiv.org/pdf/2312.08396.pdf</a><o:p></o:p></p>
<p class=3D"MsoNormal"><o:p>&nbsp;</o:p></p>
<p class=3D"MsoNormal"><span lang=3D"SV">Cheers,<o:p></o:p></span></p>
<p class=3D"MsoNormal"><span lang=3D"SV">John Preu=DF Mattsson<o:p></o:p></=
span></p>
<p class=3D"MsoNormal"><o:p>&nbsp;</o:p></p>
</div>
</body>
</html>

--_000_GVXPR07MB96789816DE49A02D46AC25628996AGVXPR07MB9678eurp_--