> On 21 Jun 2016, at 22:18, Alexander Wuerstlein <[email protected]> wrote:
>
> On 2016-06-21T09:18, Aaron Zauner <[email protected]> wrote:
>>
>>> On 21 Jun 2016, at 14:55, Aaron Zauner <[email protected]> wrote:
>>>
>>> Hi,
>>>
>>> Our recommendations go with EtM in OpenSSH, Kenny Paterson published this
>>> slide deck recently:
>>> http://www.turing-gateway.cam.ac.uk/documents/tgmw35/Kenny%20Paterson.pdf
>>>
>>> They identify a CBC timing oracle (not much used anymore) but more
>>> importantly: they identify an error in the generic Encrypt-then-Mac
>>> implementation in OpenSSH which is used quite a lot. I'm not aware of
>>> upstream patches.
>>
>> Follow-up: https://twitter.com/kennyog/status/745153366699827205
>
> Is there any more specific description of the problem? Somehow I can't
> really make sense of the slides regarding EtM problems, there are
> references to papers, e.g. on slide 56, but I can't even find the paper.
> Let alone make sense of the slides.

I believe this paper is yet to be published. The slides pretty much tell what the problem here is but apparently they could not actively exploit it.

Aaron
