[
https://issues.apache.org/jira/browse/SSHD-1017?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17141219#comment-17141219
]
Matt Sicker commented on SSHD-1017:
-----------------------------------
Potential compatibility problem: it seems like OpenSSH is using the pre-AEAD
version of ChaCha20-Poly1305 which is the old Poly1305-AES style of using the
MAC. This uses a 64-bit counter and 64-bit nonce, while the version of ChaCha
in Java and Bouncycastle uses the RFC 7539 form. Not sure if this is an issue
in practice since the counter and nonce are subsequent regions in the engine
state anyways (might just need to encode the nonce and counter weirdly).
> Add support for [email protected]
> ---------------------------------------------
>
> Key: SSHD-1017
> URL: https://issues.apache.org/jira/browse/SSHD-1017
> Project: MINA SSHD
> Issue Type: New Feature
> Reporter: Matt Sicker
> Priority: Major
>
> See [protocol
> details|https://github.com/openbsd/src/blob/master/usr.bin/ssh/PROTOCOL.chacha20poly1305].
> * [RFC 7539|https://tools.ietf.org/html/rfc7539] describes the
> ChaCha20-Poly1305 algorithm.
> The cipher is available in Java 11 natively and is also provided by
> Bouncycastle with a pure Java implementation fallback.
> As a bonus, this could potentially be adapted to propose an equivalent
> AES/GCM cipher encoding to how OpenSSH implements this ChaCha20-Poly1305
> cipher.
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
