
Re: Why only group1 diffie-hellman


Hi Gearoid,

You are right that group14 only differs in the parameters. Git master
gives the tools to fix it in the client in an hour or so (need to look at
server support).
Group-exchange is a little bit trickier, because client and server
agree on a specific group (set of parameters) dynamically. I can see
room for crypto mistakes in here.
No pitfall foreseen in group14.

Thanks for your help,

Aris



On 8/07/11 16:34, Murphy, Gearoid P wrote:
> Aris + Andreas
> 
> I would be interested in attempting this more as a technical exercise than anything else, if libssh can put the fruits of my labor to good use, then all the better. I would obviously defer to your collective expertise when it comes to the evaluation of the security of the submitted code.
> 
> Unless I am gravely mistaken, the difference between group1 and group14 Diffie-Hellman kex is parametric only, there is no algorithmic change required, but the reply of Aris suggests that this is not the case, can anyone comment?
> 
> Thanks
>  - Gearoid
> ________________________________________
> From: Andreas Schneider [asn@xxxxxxxxxxxxxx]
> Sent: 08 July 2011 14:55
> To: libssh@xxxxxxxxxx
> Subject: Re: Why only group1 diffie-hellman
> 
> On Friday 08 July 2011 13:39:42 you wrote:
>> Hi all
> 
> Hi Gearoid,
> 
>> Is there a particular design decision behind only supporting group1
>> diffie-hellman key exchange?
> 
> I don't think so, but we should support it.
> 
>> I would be interested in attempting the implementation for group14
>> diffie-hellman kex for integration into the libssh mainline
> 
> RFC 4253 states that it MUST be supported. We would appreciate a patch for it.
> Recently Aris added support for ecdh-sha2-nistp256 kex in master. It shouldn't
> be too hard to add diffie-hellman-group14-sha1 now.
> 
> 
>         -- andreas
> 
> --
> Andreas Schneider                   GPG-ID: F33E3FC6
> www.cryptomilk.org                asn@xxxxxxxxxxxxxx
> 
> 
> 
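
Added example (not part of the original messages and not libssh code): the point made in this thread, that group1 and group14 differ only in their parameters, shown as one Diffie-Hellman routine driven by a group table. The primes are derived from the formulas in RFC 2409 (group 2, used by group1 in SSH) and RFC 3526 (group 14); all function and table names are hypothetical, and the SSH exchange hash is omitted.

```python
import secrets

def arctan_inv(x, one):
    """Fixed-point arctan(1/x) scaled by `one`, via the Taylor series."""
    term = total = one // x
    n, sign = 1, -1
    while term:
        term //= x * x
        n += 2
        total += sign * (term // n)
        sign = -sign
    return total

def pi_floor(bits, guard=64):
    """floor(2**bits * pi) using Machin's formula with guard bits."""
    one = 1 << (bits + guard)
    return (16 * arctan_inv(5, one) - 4 * arctan_inv(239, one)) >> guard

def oakley_prime(bits, c):
    """p = 2^bits - 2^(bits-64) - 1 + 2^64 * (floor(2^(bits-130) * pi) + c)"""
    return 2**bits - 2**(bits - 64) - 1 + 2**64 * (pi_floor(bits - 130) + c)

# kex name -> (p, g); the only thing that changes between the two methods
GROUPS = {
    "diffie-hellman-group1-sha1": (oakley_prime(1024, 129093), 2),
    "diffie-hellman-group14-sha1": (oakley_prime(2048, 124476), 2),
}

def dh_keypair(kex):
    """Return (private x, public g^x mod p) for the named group."""
    p, g = GROUPS[kex]
    q = (p - 1) // 2                      # order of the subgroup
    x = secrets.randbelow(q - 2) + 2      # 1 < x < q
    return x, pow(g, x, p)

def dh_shared(kex, private, peer_public):
    """Shared secret K; rejects peer values outside [1, p-1] (RFC 4253, section 8)."""
    p, _ = GROUPS[kex]
    if not 1 <= peer_public <= p - 1:
        raise ValueError("peer public value out of range")
    return pow(peer_public, private, p)

def exchange(kex):
    """Run both sides locally and return the secret each side computes."""
    x, e = dh_keypair(kex)                # client
    y, f = dh_keypair(kex)                # server
    return dh_shared(kex, x, f), dh_shared(kex, y, e)
```
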
