RE: Binary packet protocol rethink
Peter Gutmann <pgut001@cs.auckland.ac.nz> Wed, 02 December 2015 03:18 UTC
Return-Path: <bounces-ietf-ssh-owner-secsh-tyoxbijeg7-archive=lists.ietf.org@NetBSD.org>
X-Original-To: ietfarch-secsh-tyoxbijeg7-archive@ietfa.amsl.com
Delivered-To: ietfarch-secsh-tyoxbijeg7-archive@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 367B41B3201 for <ietfarch-secsh-tyoxbijeg7-archive@ietfa.amsl.com>; Tue, 1 Dec 2015 19:18:37 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.61
X-Spam-Level:
X-Spam-Status: No, score=-1.61 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, MIME_8BIT_HEADER=0.3, T_RP_MATCHES_RCVD=-0.01] autolearn=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id wrHCbGehKBQe for <ietfarch-secsh-tyoxbijeg7-archive@ietfa.amsl.com>; Tue, 1 Dec 2015 19:18:36 -0800 (PST)
Received: from mail.netbsd.org (mail.NetBSD.org [199.233.217.200]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id A53B21B3200 for <secsh-tyoxbijeg7-archive@lists.ietf.org>; Tue, 1 Dec 2015 19:18:36 -0800 (PST)
Received: by mail.netbsd.org (Postfix, from userid 605) id 9E88785E73; Wed, 2 Dec 2015 03:18:35 +0000 (UTC)
Delivered-To: ietf-ssh@netbsd.org
Received: from localhost (localhost [127.0.0.1]) by mail.netbsd.org (Postfix) with ESMTP id 0C2D385E3F for <ietf-ssh@netbsd.org>; Wed, 2 Dec 2015 03:18:34 +0000 (UTC)
X-Virus-Scanned: amavisd-new at netbsd.org
Authentication-Results: mail.netbsd.org (amavisd-new); dkim=pass (2048-bit key) header.d=auckland.ac.nz
Received: from mail.netbsd.org ([IPv6:::1]) by localhost (mail.netbsd.org [IPv6:::1]) (amavisd-new, port 10025) with ESMTP id Sh9y09DrtdZo for <ietf-ssh@netbsd.org>; Wed, 2 Dec 2015 03:18:33 +0000 (UTC)
Received: from mx4.auckland.ac.nz (mx4.auckland.ac.nz [130.216.125.248]) (using TLSv1 with cipher ECDHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by mail.netbsd.org (Postfix) with ESMTPS id 1370384C6C for <ietf-ssh@netbsd.org>; Wed, 2 Dec 2015 03:18:32 +0000 (UTC)
DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=auckland.ac.nz; i=@auckland.ac.nz; q=dns/txt; s=mail; t=1449026314; x=1480562314; h=from:to:cc:subject:date:message-id:references: in-reply-to:content-transfer-encoding:mime-version; bh=HVMHvGYYeeTnNTZ9LxPhMlsr1DzxEMJPEtxrZFH7DUs=; b=SrOl/QiSae4azBe3hZy666mVV3tqb7xNhgsFJNyotCJfSdCOG3/MrEWe gFf43fdhqI6Ik1rKIr4cG0hPO6adCZc5S0T8lF0fka1UCkXqC3/FPlGVk pFMkS32zCb0p4xWTHrtlyvpZ9bIwVqSNFckVMV2lOwUAqAixx/4DBcu9l SMsU3LVzgIgtRcrNHAKw9UDxZrgZZiLuNYw6+6OK8w/DPYu49793lsfJH VVi3oykcvuU1kg8AnnmcUhAWMh9hBjLg8ljjlpTHNQe0Q8RFGq5WeQgKg EjCa7wtydcKvi3VK3jsovTwadpljhGeWGZhORXGbswW0MEJ+1dI9HDv7C w==;
X-IronPort-AV: E=Sophos;i="5.20,371,1444647600"; d="scan'208";a="57190092"
X-Ironport-HAT: MAIL-SERVERS - $RELAYED
X-Ironport-Source: 130.216.4.125 - Outgoing - Outgoing
Received: from exchangemx.uoa.auckland.ac.nz (HELO uxchange10-fe3.UoA.auckland.ac.nz) ([130.216.4.125]) by mx4-int.auckland.ac.nz with ESMTP/TLS/AES256-SHA; 02 Dec 2015 16:18:31 +1300
Received: from UXCN10-5.UoA.auckland.ac.nz ([169.254.5.153]) by uxchange10-fe3.UoA.auckland.ac.nz ([169.254.143.234]) with mapi id 14.03.0266.001; Wed, 2 Dec 2015 16:18:30 +1300
From: Peter Gutmann <pgut001@cs.auckland.ac.nz>
To: Niels Möller <nisse@lysator.liu.se>
CC: Damien Miller <djm@mindrot.org>, Simon Tatham <anakin@pobox.com>, Simon Josefsson <simon@josefsson.org>, "ietf-ssh@netbsd.org" <ietf-ssh@netbsd.org>
Subject: RE: Binary packet protocol rethink
Thread-Topic: Binary packet protocol rethink
Thread-Index: AQHRK2HLMJRbFzQ1ukq+Xs4ulafSe5625PVigAAkE94=
Date: Wed, 02 Dec 2015 03:18:29 +0000
Message-ID: <9A043F3CF02CD34C8E74AC1594475C73F4B95E88@uxcn10-5.UoA.auckland.ac.nz>
References: <87egfdxebo.fsf@latte.josefsson.org> <87egfdxebo.fsf@latte.josefsson.org> <nny4dksr3i.fsf@armitage.lysator.liu.se> <1448554180-sup-7145@atreus.tartarus.org> <9A043F3CF02CD34C8E74AC1594475C73F4B857C7@uxcn10-5.UoA.auckland.ac.nz> <alpine.BSO.2.20.1511292228450.12629@natsu.mindrot.org> <9A043F3CF02CD34C8E74AC1594475C73F4B92EF0@uxcn10-5.UoA.auckland.ac.nz> <nn37vnsyoi.fsf@armitage.lysator.liu.se> <9A043F3CF02CD34C8E74AC1594475C73F4B9321A@uxcn10-5.UoA.auckland.ac.nz>, <nntwo3raow.fsf@armitage.lysator.liu.se>, <9A043F3CF02CD34C8E74AC1594475C73F4B95D3F@uxcn10-5.UoA.auckland.ac.nz>
In-Reply-To: <9A043F3CF02CD34C8E74AC1594475C73F4B95D3F@uxcn10-5.UoA.auckland.ac.nz>
Accept-Language: en-NZ, en-GB, en-US
Content-Language: en-NZ
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [130.216.158.4]
Content-Type: text/plain; charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
Sender: ietf-ssh-owner@NetBSD.org
List-Id: ietf-ssh.NetBSD.org
Precedence: list
I wrote: >and then we can debate whether encrypting the length hinders those >countermeasures Sorry, missing negation, that should be "not encrypting the length". (See also my post to the TLS list today on how to progress this issue, unfortunately the debate is by now spread across three lists, SSH, TLS, and CFRG). Peter.
- ChaCha20-Poly1305 for SSH Simon Josefsson
- Re: ChaCha20-Poly1305 for SSH Niels Möller
- Re: Binary packet protocol rethink Niels Möller
- Binary packet protocol rethink (was: Re: ChaCha20… Simon Tatham
- Re: Binary packet protocol rethink Simon Josefsson
- RE: Binary packet protocol rethink (was: Re: ChaC… Peter Gutmann
- RE: Binary packet protocol rethink (was: Re: ChaC… Damien Miller
- Re: ChaCha20-Poly1305 for SSH Damien Miller
- Re: Binary packet protocol rethink (was: Re: ChaC… Damien Miller
- Re: Binary packet protocol rethink (was: Re: ChaC… Mark D. Baushke
- Re: ChaCha20-Poly1305 for SSH Niels Möller
- RE: Binary packet protocol rethink (was: Re: ChaC… Peter Gutmann
- Re: Binary packet protocol rethink Niels Möller
- RE: Binary packet protocol rethink Peter Gutmann
- RE: Binary packet protocol rethink Simon Tatham
- Re: Binary packet protocol rethink (was: Re: ChaC… Simon Josefsson
- Re: Binary packet protocol rethink Niels Möller
- Re: Binary packet protocol rethink Niels Möller
- Re: Binary packet protocol rethink Niels Möller
- Re: Binary packet protocol rethink Bryan Ford
- Re: Binary packet protocol rethink Bryan Ford
- RE: Binary packet protocol rethink Peter Gutmann
- RE: Binary packet protocol rethink Peter Gutmann
- Re: Binary packet protocol rethink Niels Möller
- Re: Binary packet protocol rethink Niels Möller
- RE: Binary packet protocol rethink Peter Gutmann
- Re: Binary packet protocol rethink Bryan Ford
- Re: ChaCha20-Poly1305 for SSH Stefan Bühler
- Re: ChaCha20-Poly1305 for SSH Niels Möller
- Re: ChaCha20-Poly1305 for SSH Stefan Bühler
- Re: ChaCha20-Poly1305 for SSH Niels Möller
- Re: ChaCha20-Poly1305 for SSH Damien Miller
- Re: ChaCha20-Poly1305 for SSH Stefan Bühler
- Re: ChaCha20-Poly1305 for SSH Damien Miller