Re: SHA-2 based HMAC algorithm...

Simon Tatham <anakin@pobox.com> Sat, 09 April 2011 10:35 UTC

From: Simon Tatham <anakin@pobox.com>
To: Peter Gutmann <pgut001@cs.auckland.ac.nz>, galb-list@vandyke.com, jhutz@cmu.edu, mdb@juniper.net, ietf-ssh2@denisbider.com
Cc: ietf-ssh@NetBSD.org
In-Reply-To: <5F67ED28BE1043409DB93D1964966AFE@element>
Subject: Re: SHA-2 based HMAC algorithm...
Date: Sat, 09 Apr 2011 10:26:57 +0100

denis bider (Bitvise) <ietf-ssh2@denisbider.com> wrote:
> I updated the draft with this change:
> http://www.ietf.org/id/draft-dbider-sha2-mac-for-ssh-01.txt

Another minor nit: you're referencing HMAC, so you should add a
reference to RFC 2104 in which the HMAC construction is defined.

Meanwhile, I've done the implementation of this draft for PuTTY. At

    http://tartarus.org/simon/20110409-putty-sha2

I've uploaded a complete set of PuTTY executables (in the 'x86'
subdir) and source archives modified for SHA-2 support, together
with the source code patch (in 'sha2.diff'). I've verified that all
four of the new MACs work against OpenSSH 5.8p1 with Peter Gutmann's
patch applied.

Cheers,
Simon
-- 
Simon Tatham         "Imagine what the world would be like if
<anakin@pobox.com>    there were no hypothetical situations..."