PuTTY wish ssh2-sequence-wrap

This is a mirror. Follow this link to find the primary PuTTY web site.

Home | FAQ | Feedback | Licence | Updates | Mirrors | Keys | Links | Team
Download: Stable · Pre-release · Snapshot | Docs | Privacy | Changes | Wishlist

summary: SSH-2 replay attacks should be avoided
class: wish: This is a request for an enhancement.
difficulty: tricky: Needs many tuits.
priority: low: We aren't sure whether to fix this or not.
present-in: 2005-01-17
fixed-in: 2005-01-29 e12b2dcb718b03a4d9d800cd0ee8ba00486c1ff0 (0.58)

Bellare et al note that if the sequence number for SSH-2 MACs repeats itself without an intervening rekey, all sorts of attacks become possible. If PuTTY were particularly paranoid, it could force a re-key before this happens, and even kill the connection if the sequence number did wrap around. More polite would probably be a note in the documentation that turning off traffic-based re-keying is a very bad idea and to accept the worse-than-it-could-be security of connections to servers that can't re-key.


If you want to comment on this web site, see the Feedback page.
Audit trail for this wish.
(last revision of this bug record was at 2016-12-27 11:40:22 +0000)