- djm@cvs.openbsd.org 2013/11/21 00:45:44

[Makefile.in PROTOCOL PROTOCOL.chacha20poly1305 authfile.c chacha.c] [chacha.h cipher-chachapoly.c cipher-chachapoly.h cipher.c cipher.h] [dh.c myproposal.h packet.c poly1305.c poly1305.h servconf.c ssh.1] [ssh.c ssh_config.5 sshd_config.5] Add a new protocol 2 transport cipher "chacha20-poly1305@openssh.com" that combines Daniel Bernstein's ChaCha20 stream cipher and Poly1305 MAC to build an authenticated encryption mode. Inspired by and similar to Adam Langley's proposal for TLS: http://tools.ietf.org/html/draft-agl-tls-chacha20poly1305-03 but differs in layout used for the MAC calculation and the use of a second ChaCha20 instance to separately encrypt packet lengths. Details are in the PROTOCOL.chacha20poly1305 file. Feedback markus@, naddy@; manpage bits Loganden Velvindron @ AfriNIC ok markus@ naddy@
author: Damien Miller <djm@mindrot.org> 2013-11-21 14:12:23 +1100
committer: Damien Miller <djm@mindrot.org> 2013-11-21 14:12:23 +1100
commit: 0fde8acdad78a4d20cadae974376cc0165f645ee (patch)
tree: 6e6aa82b73163bcb412920050d98f82ca9f4e86e /PROTOCOL
parent: fdb2306acdc3eb2bc46b6dfdaaf6005c650af22a (diff)
1 files changed, 6 insertions, 1 deletions
diff --git a/PROTOCOL b/PROTOCOL
index 0363314c0..cace97f88 100644
--- a/PROTOCOL
+++ b/PROTOCOL
@@ -91,6 +91,11 @@ an MAC algorithm. Additionally, if AES-GCM is selected as the cipher
 the exchanged MAC algorithms are ignored and there doesn't have to be
 a matching MAC.
+1.7 transport: chacha20-poly1305@openssh.com authenticated encryption
+OpenSSH supports authenticated encryption using ChaCha20 and Poly1305
+as described in PROTOCOL.chacha20poly1305.
 2. Connection protocol changes
 2.1. connection: Channel write close extension "eow@openssh.com"
@@ -345,4 +350,4 @@ respond with a SSH_FXP_STATUS message.
 This extension is advertised in the SSH_FXP_VERSION hello with version
 "1".
-$OpenBSD: PROTOCOL,v 1.21 2013/10/17 00:30:13 djm Exp $
+$OpenBSD: PROTOCOL,v 1.22 2013/11/21 00:45:43 djm Exp $
author	Damien Miller <djm@mindrot.org>	2013-11-21 14:12:23 +1100
committer	Damien Miller <djm@mindrot.org>	2013-11-21 14:12:23 +1100
commit	0fde8acdad78a4d20cadae974376cc0165f645ee (patch)
tree	6e6aa82b73163bcb412920050d98f82ca9f4e86e /PROTOCOL
parent	fdb2306acdc3eb2bc46b6dfdaaf6005c650af22a (diff)

diff --git a/PROTOCOL b/PROTOCOL index 0363314c0..cace97f88 100644 --- a/PROTOCOL +++ b/PROTOCOL
@@ -91,6 +91,11 @@ an MAC algorithm. Additionally, if AES-GCM is selected as the cipher
91	the exchanged MAC algorithms are ignored and there doesn't have to be	91	the exchanged MAC algorithms are ignored and there doesn't have to be
92	a matching MAC.	92	a matching MAC.
93		93
		94	1.7 transport: chacha20-poly1305@openssh.com authenticated encryption
		95
		96	OpenSSH supports authenticated encryption using ChaCha20 and Poly1305
		97	as described in PROTOCOL.chacha20poly1305.
		98
94	2. Connection protocol changes	99	2. Connection protocol changes
95		100
96	2.1. connection: Channel write close extension "eow@openssh.com"	101	2.1. connection: Channel write close extension "eow@openssh.com"
@@ -345,4 +350,4 @@ respond with a SSH_FXP_STATUS message.
345	This extension is advertised in the SSH_FXP_VERSION hello with version	350	This extension is advertised in the SSH_FXP_VERSION hello with version
346	"1".	351	"1".
347		352
348	$OpenBSD: PROTOCOL,v 1.21 2013/10/17 00:30:13 djm Exp $	353	$OpenBSD: PROTOCOL,v 1.22 2013/11/21 00:45:43 djm Exp $