Re: [Curdle] [saag] Time for SSH3?

Peter Gutmann <pgut001@cs.auckland.ac.nz> Thu, 21 December 2023 14:25 UTC

From: Peter Gutmann <pgut001@cs.auckland.ac.nz>
To: Theodore Ts'o <tytso@mit.edu>
CC: Matt Johnston <matt@ucc.asn.au>, John Mattsson <john.mattsson=40ericsson.com@dmarc.ietf.org>, saag <saag@ietf.org>, "curdle@ietf.org" <curdle@ietf.org>
Date: Thu, 21 Dec 2023 14:23:12 +0000
Message-ID: <SY4PR01MB62513E34F22319F15BE24BF0EE95A@SY4PR01MB6251.ausprd01.prod.outlook.com>
References: <GVXPR07MB96789816DE49A02D46AC25628996A@GVXPR07MB9678.eurprd07.prod.outlook.com> <SY4PR01MB6251678A7FD714B5CDC26A8FEE96A@SY4PR01MB6251.ausprd01.prod.outlook.com> <42ca27dada0f3c27d813d0d37446d078@ucc.asn.au> <SY4PR01MB62512EB23E7E0D79A47F4F0BEE95A@SY4PR01MB6251.ausprd01.prod.outlook.com> <20231221054354.GB125701@mit.edu>
In-Reply-To: <20231221054354.GB125701@mit.edu>
Archived-At: <https://mailarchive.ietf.org/arch/msg/curdle/O64G3wsi6cBP-w14WHhEyp-5qtA>

Theodore Ts'o <tytso@mit.edu> writes:

>"The attack can be performed in practice, allowing an attacker to downgrade
>the connection's security [...]

I read that too, but that's the theoretical impact, not the practical one.
For example for the SSH implementation I'm most familiar with I can't actually
think of any real weakness that this introduces.  On a scale of dogwash to
Heartbleed, it's definitely on the dogwash end of things.

(As I mentioned earlier, it's a neat attack, but unless it can be extended
from its current form it doesn't appear to be much of a threat to most
implementations beyond AsyncSSH).

And as an aside, this is the exact thing that
https://datatracker.ietf.org/doc/draft-gutmann-ssh-preauth/ would stop dead in
its tracks.

Peter.