Re: DH group exchange (Re: SSH key algorithm updates)

Darren Tucker <dtucker@zip.com.au> Fri, 11 December 2015 04:34 UTC

From: Darren Tucker <dtucker@zip.com.au>
Date: Fri, 11 Dec 2015 15:34:30 +1100
Subject: Re: DH group exchange (Re: SSH key algorithm updates)
To: "Mark D. Baushke" <mdb@juniper.net>
Cc: Niels Möller <nisse@lysator.liu.se>, Damien Miller <djm@mindrot.org>, Peter Gutmann <pgut001@cs.auckland.ac.nz>, denis bider <ietf-ssh3@denisbider.com>, Jeffrey Hutzelman <jhutz@cmu.edu>, "ietf-ssh@NetBSD.org" <ietf-ssh@netbsd.org>, "stephen.farrell@cs.tcd.ie" <stephen.farrell@cs.tcd.ie>, "jon@siliconcircus.com" <jon@siliconcircus.com>

On Fri, Dec 11, 2015 at 2:42 AM, Mark D. Baushke <mdb@juniper.net> wrote:
> I have posted draft-baushke-ssh-dh-group-sha2-00

I've implemented this for OpenSSH (against -current, but the diff will
also apply to 7.1p1 with some fuzz) if anyone would like to try it.
Patch is at https://bugzilla.mindrot.org/show_bug.cgi?id=2515.  Please
let me know if you have any comments or you can report success or
failure with it.

Thanks.

-- 
Darren Tucker (dtucker at zip.com.au)
GPG key 8FF4FA69 / D9A3 86E9 7EEE AF4B B2D4  37C9 C982 80C7 8FF4 FA69
    Good judgement comes with experience. Unfortunately, the experience
usually comes from bad judgement.