The Secure Shell (SSH) Transport Layer Encryption Modes
Draft of message to be sent after approval:
From: The IESG <firstname.lastname@example.org> To: IETF-Announce <email@example.com> Cc: Internet Architecture Board <firstname.lastname@example.org>, RFC Editor <email@example.com>, secsh mailing list <firstname.lastname@example.org>, secsh chair <email@example.com> Subject: Protocol Action: 'SSH Transport Layer Encryption Modes' to Proposed Standard The IESG has approved the following document: - 'SSH Transport Layer Encryption Modes ' <draft-ietf-secsh-newmodes-06.txt> as a Proposed Standard This document is the product of the Secure Shell Working Group. The IESG contact persons are Sam Hartman and Tim Polk. A URL of this Internet-Draft is: http://www.ietf.org/internet-drafts/draft-ietf-secsh-newmodes-06.txt
Technical Summary Researchers have discovered that the authenticated encryption portion of the current SSH Transport Protocol is vulnerable to several attacks. This document describes new counter-mode based symmetric encryption methods for the SSH Transport Protocol and gives specific recommendations on how frequently SSH implementations should rekey. Working Group Summary This document was non-controversial and well-received by the WG. Protocol Quality The spec is relatively simple, and the working group is aware of multiple implementations, has received informal reports of successful interoperability, and has not received reports of any implementation difficulties. Sam hartman reviewed the specification for the IESG. Note to RFC Editor Section 4: Add note about future directions old: The "aes128-ctr" method uses AES (the Advanced Encryption Standard, formerly Rijndael) with 128-bit keys [AES]. The block size is 16 bytes. new: The "aes128-ctr" method uses AES (the Advanced Encryption Standard, formerly Rijndael) with 128-bit keys [AES]. The block size is 16 bytes. At this time it appears likely that a future specification will promote aes128-ctr to be REQUIRED; implementation of this algorithm is very strongly encouraged.