Re: Binary packet protocol rethink
nisse@lysator.liu.se (Niels Möller ) Wed, 02 December 2015 11:41 UTC
Return-Path: <bounces-ietf-ssh-owner-secsh-tyoxbijeg7-archive=lists.ietf.org@NetBSD.org>
X-Original-To: ietfarch-secsh-tyoxbijeg7-archive@ietfa.amsl.com
Delivered-To: ietfarch-secsh-tyoxbijeg7-archive@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 5E0CE1A8700 for <ietfarch-secsh-tyoxbijeg7-archive@ietfa.amsl.com>; Wed, 2 Dec 2015 03:41:30 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.61
X-Spam-Level:
X-Spam-Status: No, score=-1.61 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, MIME_8BIT_HEADER=0.3, T_RP_MATCHES_RCVD=-0.01] autolearn=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id tnK7GXiOwCcA for <ietfarch-secsh-tyoxbijeg7-archive@ietfa.amsl.com>; Wed, 2 Dec 2015 03:41:28 -0800 (PST)
Received: from mail.netbsd.org (mail.NetBSD.org [199.233.217.200]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id E1E731A01EC for <secsh-tyoxbijeg7-archive@lists.ietf.org>; Wed, 2 Dec 2015 03:41:28 -0800 (PST)
Received: by mail.netbsd.org (Postfix, from userid 605) id B3BB585E96; Wed, 2 Dec 2015 11:41:27 +0000 (UTC)
Delivered-To: ietf-ssh@netbsd.org
Received: from localhost (localhost [127.0.0.1]) by mail.netbsd.org (Postfix) with ESMTP id 2F37F85E95 for <ietf-ssh@netbsd.org>; Wed, 2 Dec 2015 11:41:26 +0000 (UTC)
X-Virus-Scanned: amavisd-new at netbsd.org
Received: from mail.netbsd.org ([127.0.0.1]) by localhost (mail.netbsd.org [127.0.0.1]) (amavisd-new, port 10025) with ESMTP id 3oYl4dialeTz for <ietf-ssh@netbsd.org>; Wed, 2 Dec 2015 11:41:25 +0000 (UTC)
Received: from mail.lysator.liu.se (mail.lysator.liu.se [IPv6:2001:6b0:17:f0a0::3]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.netbsd.org (Postfix) with ESMTPS id 5815285E73 for <ietf-ssh@netbsd.org>; Wed, 2 Dec 2015 11:41:24 +0000 (UTC)
Received: from mail.lysator.liu.se (localhost [127.0.0.1]) by mail.lysator.liu.se (Postfix) with ESMTP id 2C81740015; Wed, 2 Dec 2015 12:41:22 +0100 (CET)
Received: from armitage.lysator.liu.se (armitage.lysator.liu.se [IPv6:2001:6b0:17:f0a0::83]) by mail.lysator.liu.se (Postfix) with SMTP id 5237340006; Wed, 2 Dec 2015 12:41:20 +0100 (CET)
Received: by armitage.lysator.liu.se (sSMTP sendmail emulation); Wed, 02 Dec 2015 12:41:20 +0100
From: nisse@lysator.liu.se
To: Peter Gutmann <pgut001@cs.auckland.ac.nz>
Cc: Damien Miller <djm@mindrot.org>, Simon Tatham <anakin@pobox.com>, Simon Josefsson <simon@josefsson.org>, "ietf-ssh@netbsd.org" <ietf-ssh@netbsd.org>
Subject: Re: Binary packet protocol rethink
References: <87egfdxebo.fsf@latte.josefsson.org> <87egfdxebo.fsf@latte.josefsson.org> <nny4dksr3i.fsf@armitage.lysator.liu.se> <1448554180-sup-7145@atreus.tartarus.org> <9A043F3CF02CD34C8E74AC1594475C73F4B857C7@uxcn10-5.UoA.auckland.ac.nz> <alpine.BSO.2.20.1511292228450.12629@natsu.mindrot.org> <9A043F3CF02CD34C8E74AC1594475C73F4B92EF0@uxcn10-5.UoA.auckland.ac.nz> <nn37vnsyoi.fsf@armitage.lysator.liu.se> <9A043F3CF02CD34C8E74AC1594475C73F4B9321A@uxcn10-5.UoA.auckland.ac.nz> <nntwo3raow.fsf@armitage.lysator.liu.se> <9A043F3CF02CD34C8E74AC1594475C73F4B95D3F@uxcn10-5.UoA.auckland.ac.nz>
Date: Wed, 02 Dec 2015 12:41:19 +0100
In-Reply-To: <9A043F3CF02CD34C8E74AC1594475C73F4B95D3F@uxcn10-5.UoA.auckland.ac.nz> (Peter Gutmann's message of "Wed, 2 Dec 2015 01:09:33 +0000")
Message-ID: <nnh9k1oz6o.fsf@armitage.lysator.liu.se>
User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/24.5 (berkeley-unix)
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: quoted-printable
X-Virus-Scanned: ClamAV using ClamSMTP
Sender: ietf-ssh-owner@NetBSD.org
List-Id: ietf-ssh.NetBSD.org
Precedence: list
Peter Gutmann <pgut001@cs.auckland.ac.nz> writes: > So, let's turn this around: Show me evidence of assorted SSH implementations > performing anti-traffic-analysis measures, I implemented the type of hiding we're discussing almost a decade ago, and I'm using it daily. Now, I'm not working on lsh as actively these days as I'd like, but I'd really like this part to get better, not worse. If most other implementations don't care, that's unfortunate. I'm sure we could learn to do this quite well. Regards, /Niels -- Niels Möller. PGP-encrypted email is preferred. Keyid C0B98E26. Internet email is subject to wholesale government surveillance.
- ChaCha20-Poly1305 for SSH Simon Josefsson
- Re: ChaCha20-Poly1305 for SSH Niels Möller
- Re: Binary packet protocol rethink Niels Möller
- Binary packet protocol rethink (was: Re: ChaCha20… Simon Tatham
- Re: Binary packet protocol rethink Simon Josefsson
- RE: Binary packet protocol rethink (was: Re: ChaC… Peter Gutmann
- RE: Binary packet protocol rethink (was: Re: ChaC… Damien Miller
- Re: ChaCha20-Poly1305 for SSH Damien Miller
- Re: Binary packet protocol rethink (was: Re: ChaC… Damien Miller
- Re: Binary packet protocol rethink (was: Re: ChaC… Mark D. Baushke
- Re: ChaCha20-Poly1305 for SSH Niels Möller
- RE: Binary packet protocol rethink (was: Re: ChaC… Peter Gutmann
- Re: Binary packet protocol rethink Niels Möller
- RE: Binary packet protocol rethink Peter Gutmann
- RE: Binary packet protocol rethink Simon Tatham
- Re: Binary packet protocol rethink (was: Re: ChaC… Simon Josefsson
- Re: Binary packet protocol rethink Niels Möller
- Re: Binary packet protocol rethink Niels Möller
- Re: Binary packet protocol rethink Niels Möller
- Re: Binary packet protocol rethink Bryan Ford
- Re: Binary packet protocol rethink Bryan Ford
- RE: Binary packet protocol rethink Peter Gutmann
- RE: Binary packet protocol rethink Peter Gutmann
- Re: Binary packet protocol rethink Niels Möller
- Re: Binary packet protocol rethink Niels Möller
- RE: Binary packet protocol rethink Peter Gutmann
- Re: Binary packet protocol rethink Bryan Ford
- Re: ChaCha20-Poly1305 for SSH Stefan Bühler
- Re: ChaCha20-Poly1305 for SSH Niels Möller
- Re: ChaCha20-Poly1305 for SSH Stefan Bühler
- Re: ChaCha20-Poly1305 for SSH Niels Möller
- Re: ChaCha20-Poly1305 for SSH Damien Miller
- Re: ChaCha20-Poly1305 for SSH Stefan Bühler
- Re: ChaCha20-Poly1305 for SSH Damien Miller