You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@mina.apache.org by "Guillaume Nodet (JIRA)" <ji...@apache.org> on 2012/09/12 14:27:07 UTC
[jira] [Updated] (SSHD-180) Add support for CTR and RC4 (ARCFOUR)
ciphers
[ https://issues.apache.org/jira/browse/SSHD-180?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Guillaume Nodet updated SSHD-180:
---------------------------------
Summary: Add support for CTR and RC4 (ARCFOUR) ciphers (was: Add support for CTR ciphers)
> Add support for CTR and RC4 (ARCFOUR) ciphers
> ---------------------------------------------
>
> Key: SSHD-180
> URL: https://issues.apache.org/jira/browse/SSHD-180
> Project: MINA SSHD
> Issue Type: Improvement
> Affects Versions: 0.8.0
> Reporter: Scott Dial
> Labels: features, security
> Fix For: 0.8.0
>
>
> CBC ciphers are considered vulnerable[1]. It's now recommended practice to prefer CTR ciphers, and some security guidelines even require disabling CBC ciphers[2]. Since Gerrit use this library of code, it means that Gerrit is unusable in these environments.
> Unless I am mistaken, CTR ciphers are supported already by JCE, so this should be a straight-forward patch that is mostly copy/pasting of the AES*CBC cipher code.
> [1] http://www.openssh.com/txt/cbc.adv
> [2] http://svn.fedorahosted.org/svn/aqueduct/trunk/compliance/Bash/STIG/rhel-5-beta/prod/GEN005511.sh
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira