From: Tatu Ylonen <ylo@cs.hut.fi>
To: mazieres@pa.dec.com
Message Hash: f0bbb3d9ae4e1064d6cb10850c83b73051116b271747dceed81eac289dc1c488
Message ID: <199507231145.OAA04620@shadows.cs.hut.fi>
Reply To: <9507230027.AA10524@venus.pa.dec.com>
UTC Datetime: 1995-07-23 11:45:41 UTC
Raw Date: Sun, 23 Jul 95 04:45:41 PDT
Subject: ssh protocol

People have also suggested using the Photuris protocol that is part of
the IP Security work being done at IETF
(ftp://www.cnri.reston.va.us/internet-drafts/draft-ietf-ipsec-photuris-02.txt).
The basic idea behind the protocol goes roughly like this:

  1. Exchange session keys using Diffie-Hellman
  2. Each side sends a signature of the Diffie-Hellman exchange (the
     signature can be with any of a number of algorithms; RSA and
     Elliptic Curve systems have been defined).

If this were adapted to ssh, the protocol would look roughly like
this:

  1. Exchange session keys using Diffie-Hellman
  2. Each side sends a signature of the Diffie-Hellman exchange by its
     host key
  3. RSA and Rhosts authentication requests would include a signature
     by the requesting key.

This would get rid of the server key and the need to regenerate it,
because the Diffie-Hellman exchange already prevents decrypting old
conversations. The challenge-dialogs could be avoided (unless they
are needed for performance reasons to avoid unnecessary signature
computations).

One could also eliminate RSA in future and start using some other
public key cryptosystem if desired. The Diffie-Hellman patent and the
generic public key patent expire in 1997; the RSA patent does not
expire until about the year 2000.

Anyway, this would be a major change that probably cannot easily be
made compatibly. Maybe an incompatible ssh-2.x? Anyway, I don't want
to rush into making major changes in the protocol.

I would very much like to hear comments on this approach.

    Tatu
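
Steps 1 and 2 of the adapted exchange described in the message above, as an added example that is not part of the original message or of any ssh implementation. It swaps in X25519 for the Diffie-Hellman exchange and Ed25519 for the host-key signature (both from the Go standard library); the function names and the "tamper" switch are hypothetical, and the substituted value is constructed for the demonstration.

```go
package main

import (
	"crypto/ecdh"
	"crypto/ed25519"
	"crypto/rand"
	"crypto/sha256"
	"fmt"
)

// digest hashes both DH public values; step 2 signs this with the host key.
func digest(cPub, sPub []byte) []byte {
	h := sha256.Sum256(append(append([]byte{}, cPub...), sPub...))
	return h[:]
}

// finish checks the peer's host-key signature over the DH values this side saw, then derives the key.
func finish(dh *ecdh.PrivateKey, peerHost ed25519.PublicKey, peerDH, cPub, sPub, sig []byte) ([]byte, error) {
	if !ed25519.Verify(peerHost, digest(cPub, sPub), sig) {
		return nil, fmt.Errorf("host key signature does not cover this exchange")
	}
	pub, err := ecdh.X25519().NewPublicKey(peerDH)
	if err != nil {
		return nil, err
	}
	return dh.ECDH(pub)
}

// Handshake runs one exchange; tamper swaps the server's DH value in transit.
func Handshake(tamper bool) (ck, sk []byte, err error) {
	cHostPub, cHost, _ := ed25519.GenerateKey(rand.Reader) // long-term host keys (sign only)
	sHostPub, sHost, _ := ed25519.GenerateKey(rand.Reader)
	cDH, _ := ecdh.X25519().GenerateKey(rand.Reader) // step 1: fresh per-session DH keys
	sDH, _ := ecdh.X25519().GenerateKey(rand.Reader)
	cPub, sPub := cDH.PublicKey().Bytes(), sDH.PublicKey().Bytes()
	seen := sPub // server DH value as delivered to the client
	if tamper {
		mDH, _ := ecdh.X25519().GenerateKey(rand.Reader) // constructed substitute value
		seen = mDH.PublicKey().Bytes()
	}
	sSig := ed25519.Sign(sHost, digest(cPub, sPub)) // step 2: server signs what it saw
	cSig := ed25519.Sign(cHost, digest(cPub, seen)) // step 2: client signs what it saw
	if ck, err = finish(cDH, sHostPub, seen, cPub, seen, sSig); err != nil {
		return nil, nil, err
	}
	sk, err = finish(sDH, cHostPub, cPub, cPub, sPub, cSig)
	return ck, sk, err
}

func main() { fmt.Println(Handshake(true)) }
```

The host keys only sign; the session key comes solely from the per-session DH values, which is why no separately regenerated server key is needed to protect old conversations.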