Author: Jonas Schnelli 2016-06-29 18:46:01
Published on: 2016-06-29T18:46:01+00:00
In a conversation about secure communication, the importance of including the cipher-type in the symmetric cipher key is emphasized to avoid weak-cipher-attacks. The cipher-type being referred to is not related to the ECDH negotiation parameters, but rather the flexible symmetric key cipher type negotiation specified by BIP151. Although BIP151 only specifies chacha20-poly1305 at openssh.com, it is possible for someone to add another symmetric cipher type after deployment which has weaker security properties. If the ciphersuite-type is not included in the key derivation HMAC, an attacker/MITM could potentially force both nodes to use the weaker symmetric cipher type.
Updated on: 2023-06-11T18:53:42.121919+00:00