Dismiss
InnovationQ will be updated on Sunday, Oct. 22, from 10am ET - noon. You may experience brief service interruptions during that time.
Browse Prior Art Database

AES Galois Counter Mode for the Secure Shell Transport Layer Protocol (RFC5647)

IP.com Disclosure Number: IPCOM000187023D
Original Publication Date: 2009-Aug-01
Included in the Prior Art Database: 2009-Sep-01
Document File: 20 page(s) / 21K

Publishing Venue

Internet Society Requests For Comment (RFCs)

Related People

K. Igoe: AUTHOR [+2]

Abstract

Secure shell (SSH) is a secure remote-login protocol. SSH provides for algorithms that provide authentication, key agreement, confidentiality, and data-integrity services. The purpose of this document is to show how the AES Galois Counter Mode can be used to provide both confidentiality and data integrity to the SSH Transport Layer Protocol.

This text was extracted from an ASCII text file.
This is the abbreviated version, containing approximately 13% of the total text.

Network Working Group                                            K. Igoe Request for Comments: 5647                                    J. Solinas Category: Informational                         National Security Agency                                                              August 2009

                       AES Galois Counter Mode for                the Secure Shell Transport Layer Protocol

Abstract

   Secure shell (SSH) is a secure remote-login protocol.  SSH provides    for algorithms that provide authentication, key agreement,    confidentiality, and data-integrity services.  The purpose of this    document is to show how the AES Galois Counter Mode can be used to    provide both confidentiality and data integrity to the SSH Transport    Layer Protocol.

Status of This Memo

   This memo provides information for the Internet community.  It does    not specify an Internet standard of any kind.  Distribution of this    memo is unlimited.

Copyright Notice

   Copyright (c) 2009 IETF Trust and the persons identified as the    document authors.  All rights reserved.

   This document is subject to BCP 78 and the IETF Trust's Legal    Provisions Relating to IETF Documents in effect on the date of    publication of this document (http://trustee.ietf.org/license-info).    Please review these documents carefully, as they describe your rights    and restrictions with respect to this document.

Igoe & Solinas               Informational                      [Page 1]
 RFC 5647                AES-GCM for Secure Shell             August 2009

 Table of Contents

   1. Introduction ....................................................2

   2. Requirements Terminology ........................................2

   3. Applicability Statement .........................................3

   4. Properties of Galois Counter Mode ...............................3

      4.1. AES GCM Authenticated Encryption ...........................3

      4.2. AES GCM Authenticated Decryption ...........................3

   5. Review of Secure Shell ..........................................4

      5.1. Key Exchange ...............................................4

      5.2. Secure Shell Binary Packets ................................5

   6. AES GCM Algorithms for Secure Shell .............................6

      6.1. AEAD_AES_128_GCM ...........................................6

      6.2. AEAD_AES_256_GCM ...........................................6

      6.3. Size of the Authentication Tag .............................6

   7. Processing Binary Packets in AES-GCM Secure Shell ......