Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Secure-Shell
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

RE: Security Practices

from [Bryan McAninch] Network Security [Permanent Link]
Subject: RE: Security Practices
Date: Tue, 17 May 2005 15:34:21 -0500 
 
The AES attack described by Dan Bernstein is impractical, as it requires an
enormous amount of known plaintext and is very timing sensitive.
Furthermore, the issue does not lie within the algorithm itself, but rather
how it is implemented. The paper specifically states that OpenSSL is
vulnerable, which makes OpenSSH vulnerable to the attack as well.

Stick with AES.

Cheers,

Bryan

-----Original Message-----
From: Nigel Stepp [mailto:stepp@atistar.net] 
Sent: Tuesday, May 17, 2005 12:14 PM
To: David Busby
Cc: secureshell@securityfocus.com
Subject: Re: Security Practices

David Busby wrote:

List,
  I'm trying to get my a sshd setup as secure as possible, some folks 
I know what to send financial data over this.

...

aes256-cbc cipher (only)


http://cr.yp.to/antiforgery/cachetiming-20050414.pdf

You may want to be aware of this paper.  I believe the results are still
preliminary, but it's something to follow.


I'm thinking that
I'll make my key 4096bits to add some security.


Heh, is your name Avi? (cryptonomicon reference, couldn't resist) That's
probably overkill, but that assumes no codebreaking paradigm shifts or what
have you.


Assume best means most secure even at
the sacrifice of performance.  Thanks!


If you're going to use 4096 bit keys, you may want to move away from md5 as
a hashing algorithm, since it has been shown to have some measure of
weakness.  You might look at SHA256, SHA512, or something like whirlpool.
I'm not an expert, however, and I'm not sure how proven whirlpool really is
(or about the measure of support of these hashes in ssh).


/djb


--
:wq
[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  RE: Security Practices, List Account
Next by Date:  Re: bash_logout and sftp, Robert Hajime Lanning
Previous by Thread:  Re: Security Practices, Nigel Stepp
Next by Thread:  RE: Security Practices, Bryan McAninch
Indexes:  [Date] [Thread] [Top] [All Lists]