Hi Jason,
thanks for your answer and your interest to the topic, fortunately I'm not under
attack by anyone (NSA maybe ;-) but just writing an essay about cryptography
used in ssh protocol.
I know that ssh it's a pretty fair protocol regarding security and also know
that RSA has not been break yet, but some weak RSA implementations exist. Ssh is
not among them 'cos allows both side to choose the "challenge" to be signed for
host authentication.
Anyway since RSA is no more compiled into the free version this is not a
problem, but I'm wandering whether could exist some weak implementation of DES
the other public key algorithm supported by ssh, if you or someone else in the
list know about them please let me know.
Thanks
Raffaele
P.s.
Last message I made a mistake, I said that ssh implement pgp, skpi, x509v3
public key algorithms, but it's not true ssh implement just DSA and is able to
read those keys in defined in pgp, skpi, x509v3 formats.
"Thaxter, Jason M." wrote:
> By default, RSA is not compiled into ssh. Ssh clients and servers negotiate
> a protocol at connect time, much like an SSL connection. Also like SSL, it
> will negotiate most all common schemes (DES,Triple-DES,IDEA) at various
> bit-depths.
>
> All in all, ssh is fairly secure and even an attack such as you described
> should be fairly difficult - certainly hard enough to deter any attacks
> where you are not specifically a target. If you are worried about someone
> actively trying to crack in, you probably have a lot of cryptography and
> security reading to do!
>
> > -----Original Message-----
> > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]
> > Sent: Thursday, September 23, 1999 5:11 AM
> > To: [EMAIL PROTECTED]
> > Subject: Cryptography question
> >
> >
> > Hi all,
> > I know that some "chosen ciphertext attack" works against RSA, does
> > anyone know weak implementation of public key algorithms used by ssh
> > (DSA, x509v3, spki, pgp)?
> >
> > Thanks
> > Raffaele
> >
> >
> >
