Hello everyone. Upon reading the recent news about the NSA paying RSA to use a faulty cipher suite for it's default, it got me thinking... During a connection say for SSL, what is it that "knows" the rules for ciphers? Are these rules stored on the NIC? can they be edited, changed or appended? They are ordered obviously with the "Best" put first so is this on a file or something? How and where are these protocols stored on chips?
They are algorithmic, and are completely free and open. All ciphers depend on mathematical difficulty (long long long computation to decode, as in years), not secrecy.
Any cipher that depends on a "secret" algorithm is practically guaranteed to be garbage. Any dependable cipher that is commonly used has had mathematicians and computer scientists pound on it for years. AES128, RSA, DES3, etc., all went thru this process.
After a while, someone publishes a method to speed up cracking the cipher. It gets dropped from favor, and new ones are tested and tested. RSA is in that boat.
The goal of ciphers is perfect forward secrecy. Meaning every one knows the rules and how the computation works, but doing the computations could take literally forever.
Hashes are different. Passwords are hashed. These depend on being able to enter some characters on a keyboard and getting the particular hash (string of numbers) that is saved as the hash. One of the reasons /etc/shadow has 400 permissions is: if you know the hash you can use trial and error to get a collision (an accidental hash) that matches the saved hash. And then break in. This is a case where some secrecy adds to security. MD5 is a hash that someone has shown how to match a known hashed result. Takes a big computer time to do it, bu it is at least slightly feasible. So MD5 is going out of favor.
ssh encrypts all connections with block ciphers. As a sysadmin you get to choose one of usually a dozen block ciphers. By default the system automatically changes the cipher's key every hour.
There may not be a best cipher every time. If you always send AES128, and the bad guys figure that out it becomes very, very slightly possible to crack it. Meaning some published result shows how to launch an attack with a smal but measurable possibility of breaking it. Part of encryption is to block data with junk and to change ciphers periodically. Places the odds in our favor.
Humm. From Wikipedia. In cryptography, forward secrecy (also known as perfect forward secrecy or PFS) is a property of key-agreement protocols that ensures that a session key derived from a set of long-term keys will not be compromised if one of the long-term keys is compromised in the future.
SSH also supports arcfour which is a stream cypher.
FWIW. Openssh 2.1 - the one we have on 4 M4000's does not support arcfour - Solaris 10 5/09.
The definition you gave for PFS is completely correct - thanks.