[144853] in cryptography@c2.net mail archive


Re: RNG using AES CTR as encryption algorithm

daemon@ATHENA.MIT.EDU (Damien Miller)
Mon Sep 14 20:07:23 2009

Date: Mon, 14 Sep 2009 17:56:15 +1000 (EST)
From: Damien Miller <djm@mindrot.org>
To: Peter Gutmann <pgut001@cs.auckland.ac.nz>
cc: cryptography@metzdowd.com, dj@deadhat.com
In-Reply-To: <E1Mn4CR-0006SC-2h@wintermute01.cs.auckland.ac.nz>

On Mon, 14 Sep 2009, Peter Gutmann wrote:

> Damien Miller <djm@mindrot.org> writes:
> 
> >That seems unlikely, since we don't use OpenSSL for AES-CTR in OpenSSH. I
> >don't think OpenSSL even supports a CTR mode through its EVP API.
> 
> I first saw it reported on the Putty bugs list [0], a good place to track
> interop problems with implementations since it's so widely used, which in turn
> points to https://bugzilla.mindrot.org/show_bug.cgi?id=1291:

Actually, I'm half-wrong (or half-right) - there was a bug in OpenSSL, just
not in AES-CTR specifically. It was a mildly obscure bug in the EVP interface
that showed up when plugging in one's own ciphers.

We now have automated interop regression tests against PuTTY to catch this
sort of thing...

-d

---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@metzdowd.com
