You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Encrypt-then-Mac should fix that. Personally I only care about the 512-bit version of that MAC, but if it is easy to add, hmac-sha2-256-etm@openssh.com can be included as well for compatibility.
The text was updated successfully, but these errors were encountered:
This is in the line of tickets #8488, #8528 and #8537, but not as urgent as the key exchange algorithms.
Standard procedure with hmac-sha-512 is to Encrypt-and-Mac, which might lead to some side channel attacks, according to https://stribika.github.io/2015/01/04/secure-secure-shell.html
Encrypt-then-Mac should fix that. Personally I only care about the 512-bit version of that MAC, but if it is easy to add, hmac-sha2-256-etm@openssh.com can be included as well for compatibility.
The text was updated successfully, but these errors were encountered: