Date: Tue, 11 Jul 2000 14:50:47 -0700 (PDT)
From: Kris Kennaway <kris@FreeBSD.org>
To: Harold Gutch <logix@foobar.franken.de>
Cc: Brett Glass <brett@lariat.org>, Dave <dave@dugard.org>, security@FreeBSD.ORG
Subject: Re: OpenSSH in 4.0 doesn't seem to work out of the box
Message-ID: <Pine.BSF.4.21.0007111444550.88886-100000@freefall.freebsd.org>
In-Reply-To: <20000711210540.B17911@foobar.franken.de>

On Tue, 11 Jul 2000, Harold Gutch wrote:

> > P.S. -- I've always wondered why El Gamal wasn't one of the encryption
> > options, since it's unencumbered and already used in PGP.
>
> The ElGamal encryption algorithm I know of doubles the size of
> the plaintext; that's not really a problem with PGP, since the
> actual encryption algorithm uses a private key, which is
> transferred after being encrypted with a public key algorithm.

ITYM "session key" - RSA and DSA modes work by negotiating a session key
which is used with a conventional (symmetric) cipher to encrypt the bulk
data. I don't know much about El Gamal, but if it can negotiate a session
key then there's nothing preventing you from using it as a SSH2 key format
in the same way, except that no other clients or servers out there will
support you :-)

The real reason RSA is used in OpenSSH SSH1 mode is because that's what
was implemented in the SSH1 protocol, probably because it's the most
suitable public-key algorithm for the job. SSH1 didn't allow for other
algorithms, and SSH2, which does, uses DSA (an algorithm which is patented
but usable without restrictions) which does everything you'd need.

Kris

--
In God we Trust -- all others must submit an X.509 certificate.
    -- Charles Forsythe <forsythe@alum.mit.edu>

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message
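
The hybrid pattern discussed in this message, as an added Python example that is not part of the original e-mail and is not OpenSSH or PGP code: textbook ElGamal wraps only a short session key (the wrapped form is two group elements), while the bulk data is encrypted symmetrically with no expansion. The prime, the generator, the SHA-256 keystream used as a stand-in for a real symmetric cipher, and all function names are assumptions chosen for illustration.

```python
import hashlib
import secrets

# Toy parameters (assumption, chosen for brevity): the prime 2**255 - 19 and g = 2.
# Not a vetted ElGamal group; real deployments use standardized, much larger groups.
P = 2**255 - 19
G = 2

def keygen():
    x = secrets.randbelow(P - 3) + 2          # private exponent in [2, P-2]
    return x, pow(G, x, P)                    # (private x, public h = g^x mod p)

def elgamal_wrap(pub, session_key: bytes):
    """Encrypt a short session key; the result is TWO group elements (c1, c2)."""
    m = int.from_bytes(session_key, "big")
    if not 0 < m < P:
        raise ValueError("session key must encode to an integer in [1, P-1]")
    k = secrets.randbelow(P - 3) + 2          # fresh ephemeral exponent per message
    return pow(G, k, P), (m * pow(pub, k, P)) % P

def elgamal_unwrap(priv, wrapped, key_len=16):
    c1, c2 = wrapped
    s_inv = pow(c1, P - 1 - priv, P)          # (c1^x)^-1 via Fermat's little theorem
    return ((c2 * s_inv) % P).to_bytes(key_len, "big")

def serialize_wrapped(wrapped) -> bytes:
    """Fixed-width encoding of (c1, c2): twice the size of one group element."""
    width = (P.bit_length() + 7) // 8
    return b"".join(c.to_bytes(width, "big") for c in wrapped)

def keystream_xor(key: bytes, data: bytes) -> bytes:
    """Stand-in for the bulk symmetric cipher: SHA-256 counter keystream, no integrity."""
    out = bytearray()
    for i in range(0, len(data), 32):
        block = hashlib.sha256(key + (i // 32).to_bytes(8, "big")).digest()
        out.extend(b ^ s for b, s in zip(data[i:i + 32], block))
    return bytes(out)

def hybrid_encrypt(pub, plaintext: bytes):
    session_key = secrets.token_bytes(16)     # 128-bit session key, used once
    return elgamal_wrap(pub, session_key), keystream_xor(session_key, plaintext)

def hybrid_decrypt(priv, wrapped, body: bytes) -> bytes:
    return keystream_xor(elgamal_unwrap(priv, wrapped), body)
```

The size overhead of ElGamal is paid once, on the wrapped session key, and is independent of how much bulk data follows.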