On Tue, Jun 30, 2020 at 8:09 PM Aris Adamantiadis <a...@badcode.be> wrote: > > Hi Felipe, > > In SSH, all authentication schemes are signature-based. Specifically > user authentication is based on signing the master hash that's derived > from key exchange (i.e. everything that was shared by peers + shared > secret). SSH ensures that the authentication is safe because it's > impossible for either party to replay or precompute that hash. I don't > think TLS would let you extract or derive secrets based on the session's > secret.
I'm not sure how you intend to use them, but to enable your reasoning, you can derive secrets based on the session keys using the rfc5705 exporters. I believe the exporters are supported by most implementations. regards, Nikos
