Ralph Holz <h...@net.in.tum.de> writes: >From what I can tell from our data, the most common symmetric ciphers in SSH >are proposed by client/servers to be used in CBC mode. With SSL/TLS and >XMLEnc, this mode has had quite some publicity in the recent past.
There have been attacks on SSH based on the fact that portions of the packets aren't authenticated, and as soon as the TLS folks stop bikeshedding and adopt encrypt-then-MAC I'm going to propose the same thing for SSH, it's such a no-brainer it should have been adopted years ago when the first attacks popped up. Peter. _______________________________________________ cryptography mailing list cryptography@randombit.net http://lists.randombit.net/mailman/listinfo/cryptography
