Re: Idea to secure ssh
Michael Stone <mstone@debian.org> writes:
> On Mon, Mar 13, 2006 at 03:03:24PM -0500, Neal Murphy wrote:
>> Yes, allowing UDP packets in is, in a sense, an open port, but it's
>> a one-way port. UDP packets have a fixed maximum size and the
>> information carried in the packet is trivial in nature; UDP packets
>> are generally benign. It's a given that anyone who knows the
>> server's public key can generate an encrypted packet, but only an
>> authorized user can correctly generate the encrypted parts inside
>> the encrypted packet.
>
> No, anyone can generate encrypted parts. IMHO, there's not much chance
> that the decryption routines in your magic udp parser are going to be
> less vulnerable than those in openssh itself. Having "two layers of
> Having "two layers of encryption" in this context is fairly pointless.
Those two layers are totaly standard. You have to use two keypairs in
parallel to ensure that only one person can read the text and only one
person can have send it.
> Why not use three layers, or four? What analysis demonstrates a
> demonstrable return for that second layer, weighed against the cost of
> this kooky mechanism? If you really need multiple encryption layers,
> do it right and use an existing standard like ipsec rather than
> inventing a convoluted "secret method".
The analysis is simple:
Encrypting with the server public key ensures that only the server
private key can decrypt the data.
Encrypting with the client private key ensures that only the client
can have send the package. Decryptng with the clients public key
ensures that.
The replies by the server are encrypted in reverse for the same
reasons. That way there can be no fake reader or writer in the middle.
> Mike Stone
MfG
Goswin
Reply to: