[144852] in cryptography@c2.net mail archive

Re: RNG using AES CTR as encryption algorithm

daemon@ATHENA.MIT.EDU (Peter Gutmann)
Mon Sep 14 20:06:51 2009

From: Peter Gutmann <pgut001@cs.auckland.ac.nz>
To: djm@mindrot.org, pgut001@cs.auckland.ac.nz
Cc: cryptography@metzdowd.com, dj@deadhat.com
In-Reply-To: <alpine.BSO.2.00.0909131941300.27953@fuyu.mindrot.org>
Date: Mon, 14 Sep 2009 17:34:03 +1200

Damien Miller <djm@mindrot.org> writes:

>That seems unlikely, since we don't use OpenSSL for AES-CTR in OpenSSH. I
>don't think OpenSSL even supports a CTR mode through its EVP API.

I first saw it reported on the Putty bugs list [0], a good place to track
interop problems with implementations since it's so widely used, which in turn
points to https://bugzilla.mindrot.org/show_bug.cgi?id=1291:

  Connections from "OpenSSH_4.5p1, OpenSSL 0.9.8d 28 Sep 2006" to
  "OpenSSH_4.5p1, OpenSSL 0.9.8e 23 Feb 2007" using "aes256-ctr" fail with
  "Bad packet length".  The same problem occurs when using PuTTY 0.59 against
  the newer server.

  PuTTY users have reported this problem too, with servers on both FreeBSD and
  Linux, and with OpenSSH versions back to 4.0.

In fact it was listed as closed and resolved by, uh, one Damien Miller :-).

Peter.

[0] Meaning "bugs encountered while using Putty", not necessarily "bugs in
    Putty".
