📅 Original date posted:2016-06-29
📝 Original message:Hi Ethan
>> It is important to include the cipher-type into the symmetric cipher key to avoid weak-cipher-attacks.
>
> the cipher-type here refers to the ECDH negotiation parameters?
No. Not to the ECDH negotiation.
BIP151 specifies a flexible symmetric key cipher type negotiation,
although, BIP151 only specifies chacha20-poly1305 at openssh.com.
Lets assume someone adds another symmetric cipher type after BIP151 has
been deployed which has less strong security properties then
chacha20-poly1305.
If we don't include the ciphersuite-type in the key derivation HMAC, an
attacker/MITM could in theory force both nodes to use the weaker
symmetric cipher type.
</jonas>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: OpenPGP digital signature
URL: <http://lists.linuxfoundation.org/pipermail/bitcoin-dev/attachments/20160629/47d92fd6/attachment.sig>;
Jonas Schnelli [ARCHIVE] /
npub1nf…3dtxs
2023-06-07 17:51:35
in reply to nevent1q…n40e
Author Public Key
npub1nfrrurat393mqymf3s26pujyn5vujlem3pzcukr5p9d4qpklngxq43dtxsPublished at
2023-06-07 17:51:35Event JSON
{
"id": "55a3f0c477f6f0801d1a2e3fef1f604bacfd80c090e401e963c006c64b45a928",
"pubkey": "9a463e0fab8963b013698c15a0f2449d19c97f3b88458e5874095b5006df9a0c",
"created_at": 1686160295,
"kind": 1,
"tags": [
[
"e",
"865ae9660ffa796d019b6409907548cf0d8cccc89b3d009b0f6e17232981afa9",
"",
"root"
],
[
"e",
"d7046a0bb56681400b0edaeb0e1f89bf04551ed5e1a1b401b8b3571aa88ce2bc",
"",
"reply"
],
[
"p",
"4760277fc06bd72dcdd8ef76810910d8852fb3f9d584f5b75a0bba7168ac81a0"
]
],
"content": "📅 Original date posted:2016-06-29\n📝 Original message:Hi Ethan\n\n\n\u003e\u003e It is important to include the cipher-type into the symmetric cipher key to avoid weak-cipher-attacks.\n\u003e \n\u003e the cipher-type here refers to the ECDH negotiation parameters?\n\nNo. Not to the ECDH negotiation.\nBIP151 specifies a flexible symmetric key cipher type negotiation,\nalthough, BIP151 only specifies chacha20-poly1305 at openssh.com.\n\nLets assume someone adds another symmetric cipher type after BIP151 has\nbeen deployed which has less strong security properties then\nchacha20-poly1305.\n\nIf we don't include the ciphersuite-type in the key derivation HMAC, an\nattacker/MITM could in theory force both nodes to use the weaker\nsymmetric cipher type.\n\n\u003c/jonas\u003e\n\n-------------- next part --------------\nA non-text attachment was scrubbed...\nName: signature.asc\nType: application/pgp-signature\nSize: 819 bytes\nDesc: OpenPGP digital signature\nURL: \u003chttp://lists.linuxfoundation.org/pipermail/bitcoin-dev/attachments/20160629/47d92fd6/attachment.sig\u003e",
"sig": "64feabebf809fca7c9930a36d41970c303841f9d984095b2dd9de31a838146bbd59972c815b839539b03c551ea0286a066aabdb8b56ae78639f01c5cc729691a"
}