Hi, Our recommendations go with EtM in OpenSSH, Kenny Paterson published this slide deck recently: http://www.turing-gateway.cam.ac.uk/documents/tgmw35/Kenny%20Paterson.pdf
They identify a CBC timing oracle (not much used anymore) but more importantly: they identify a error in the generic Encrypt-then-Mac implementation in OpenSSH which is used quite a lot. I'm not aware of upstream patches. Aaron
signature.asc
Description: Message signed with OpenPGP using GPGMail
_______________________________________________ Ach mailing list [email protected] http://lists.cert.at/cgi-bin/mailman/listinfo/ach
