Re: Idea to secure ssh

To: debian-security@lists.debian.org
Subject: Re: Idea to secure ssh
From: Michael Stone <mstone@debian.org>
Date: Wed, 15 Mar 2006 08:44:28 -0500
Message-id: <[🔎] 20060315134426.GH15140@mathom.us>
Mail-followup-to: debian-security@lists.debian.org
In-reply-to: <[🔎] 87acbrygna.fsf@informatik.uni-tuebingen.de>
References: <[🔎] 385d1e010603112350g5c11a3b1ha21ed67f5e6e7e63@mail.gmail.com> <[🔎] 200603130319.31145.neal.p.murphy@alum.wpi.edu> <[🔎] 20060313143846.GA2809@tao.merseine.nu> <[🔎] 200603131503.24264.neal.p.murphy@alum.wpi.edu> <[🔎] 20060314010709.GC15140@mathom.us> <[🔎] 87acbrygna.fsf@informatik.uni-tuebingen.de>

On Wed, Mar 15, 2006 at 02:35:53PM +0100, Goswin von Brederlow wrote:

Michael Stone <mstone@debian.org> writes:

No, anyone can generate encrypted parts. IMHO, there's not much chance
that the decryption routines in your magic udp parser are going to be
less vulnerable than those in openssh itself. Having "two layers of
Having "two layers of encryption" in this context is fairly pointless.


Those two layers are totaly standard. You have to use two keypairs in
parallel to ensure that only one person can read the text and only one
person can have send it.

Either that paragraph doesn't parse or it doesn't address what I said.This gets back to "what are you trying to defend against". If you'retrying to defend against brute force attacks, then the ssh public keyauth should be sufficient. If it's not (if your adversary can somehowcrack or brute force arbitrary RSA keys) than adding a *second* keyisn't going to help. If you're trying to defend against attacks on thecrypto routines themselves (e.g., a buffer overflow against the RSA codein openssh) then I don't see why this other parser is going to be moresecure. What problem is this frankenstein trying to solve?

Why not use three layers, or four? What analysis demonstrates a
demonstrable return for that second layer, weighed against the cost of
this kooky mechanism? If you really need multiple encryption layers,
do it right and use an existing standard like ipsec rather than
inventing a convoluted "secret method".


The analysis is simple:

Encrypting with the server public key ensures that only the server
private key can decrypt the data.

Encrypting with the client private key ensures that only the client
can have send the package. Decryptng with the clients public key
ensures that.


Dude, openssh *already does that*.

Mike Stone

Reply to:

Follow-Ups:
- Re: Idea to secure ssh
  - From: Goswin von Brederlow <brederlo@informatik.uni-tuebingen.de>

References:
- howto block ssh brute-force
  - From: "Felipe Figueiredo" <philsf@ufrj.br>
- Idea to secure ssh [was: howto block ssh brute-force]
  - From: Neal Murphy <neal.p.murphy@alum.wpi.edu>
- Re: Idea to secure ssh [was: howto block ssh brute-force]
  - From: dsr@tao.merseine.nu
- Re: Idea to secure ssh [was: howto block ssh brute-force]
  - From: Neal Murphy <neal.p.murphy@alum.wpi.edu>
- Re: Idea to secure ssh [was: howto block ssh brute-force]
  - From: Michael Stone <mstone@debian.org>
- Re: Idea to secure ssh
  - From: Goswin von Brederlow <brederlo@informatik.uni-tuebingen.de>

Prev by Date: Re: Idea to secure ssh
Next by Date: Re: Idea to secure ssh
Previous by thread: Re: Idea to secure ssh
Next by thread: Re: Idea to secure ssh
Index(es):
- Date
- Thread