mina-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Jeremy Norris (Jira)" <j...@apache.org>
Subject [jira] [Commented] (SSHD-1017) Add support for chacha20-poly1305@openssh.com
Date Mon, 19 Oct 2020 15:48:00 GMT

    [ https://issues.apache.org/jira/browse/SSHD-1017?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17216835#comment-17216835

Jeremy Norris commented on SSHD-1017:

For a proposed variant, do you think it would be valuable to maintain OpenSSH's behavior of
encrypting the packet length, or simply make it mirror the GCM cipher (just substituting ChaCha20-Poly1305
for AES-GCM)?

I also forgot to mention one other tricky thing with using JEP 329 for ChaCha20 that I encountered
with the JSch implementation: the trick with re-initing the Cipher instance with the same
nonce by cloning the array won't work, as the JEP 329 implementation actually compares the
contents of the nonce byte array with value used in the previous call to init. I had to rely
upon reading the full first 64-byte block from ChaCha20 to increment the block counter from
0 => 1 in order to get it not to throw an Exception.

> Add support for chacha20-poly1305@openssh.com
> ---------------------------------------------
>                 Key: SSHD-1017
>                 URL: https://issues.apache.org/jira/browse/SSHD-1017
>             Project: MINA SSHD
>          Issue Type: New Feature
>            Reporter: Matt Sicker
>            Priority: Major
> See [protocol details|https://github.com/openbsd/src/blob/master/usr.bin/ssh/PROTOCOL.chacha20poly1305].
> * [RFC 7539|https://tools.ietf.org/html/rfc7539] describes the ChaCha20-Poly1305 algorithm.
> * [Dropbear implementation|https://github.com/mkj/dropbear/blob/master/chachapoly.c]
> * [OpenSSH implementation|https://github.com/openbsd/src/blob/master/usr.bin/ssh/cipher-chachapoly-libcrypto.c]
> The cipher is provided by Bouncycastle.
> As a bonus, this could potentially be adapted to propose an equivalent AES/GCM cipher
encoding to how OpenSSH implements this ChaCha20-Poly1305 cipher.

This message was sent by Atlassian Jira

To unsubscribe, e-mail: dev-unsubscribe@mina.apache.org
For additional commands, e-mail: dev-help@mina.apache.org

View raw message