Maybe It's Snake Oil All the Way Down

Peter Gutmann pgut001 at cs.auckland.ac.nz
Mon Jun 2 08:54:53 PDT 2003


Ian Grigg <iang at systemics.com> writes:

>Also, a lot of cryptosystems are put together by committees.  SSH was
>originally put together by one guy.  He did the lot.  Allegedly, a fairly
>grotty protocol with a number of weaknesses, but it was there and up and
>running.  And SSH-2 is apparently nice, elegant and easy to understand, now
>that it has been fixed up.

Actually SSHv2 is just SSL with a different packet format (when I did my SSHv2
implementation I recycled the code from the SSL engine, it was that close
[0]).  That's probably a good indication that SSL/SSHv2 is a fairly optimal
(security/functionality/implementability/etc) design for an application-level
security protocol if two groups independently came up with the same design,
which brings us back to the original question of why on earth Nullsoft tried to
roll their own.

Peter.

[0] Note that my SSL implementation follows the standard SSL ladder diagram
    rather than the state-machine that SSL implementations are usually
    described as, which made it trivial to switch over for SSHv2 use.  I've
    never understood why every explanation of the SSL protocol I've ever seen
    uses ladder diagrams but once they talk about implementation details they
    assume you're doing it as a state machine, which makes it vastly harder to
    implement.  For example all the stuff about pending cipher suites and
    whatnot follows automatically (and transparently) from the ladder diagram,
    but is a real pain to sort out in a state machine.
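
The footnote's point, as an added sketch that is not part of the original message and not code from the author's implementation: both sides of a toy SSL-style handshake written as straight-line code that follows the ladder diagram, so the pending cipher suite is just a local variable that becomes active at the ChangeCipherSpec rung. The record layer, suite labels and function names are constructed for illustration, and no real cryptography is performed.

```python
import queue
from concurrent.futures import ThreadPoolExecutor

class Channel:  # toy record layer: a record is (suite_label, message), None = plaintext
    def __init__(self, tx, rx):
        self.tx, self.rx = tx, rx
        self.write_suite = self.read_suite = None  # only the *active* state lives here
        self.log = []
    def send(self, msg):
        self.tx.put((self.write_suite, msg))
        self.log.append(("->", self.write_suite, msg))
    def recv(self, expected):
        suite, msg = self.rx.get(timeout=2)
        if suite != self.read_suite or msg.split(":")[0] != expected:
            raise ValueError(f"wanted {expected} under {self.read_suite}, got {msg} under {suite}")
        self.log.append(("<-", suite, msg))
        return msg

def client(ch, offered):
    ch.send("ClientHello:" + ",".join(offered))
    pending = ch.recv("ServerHello").split(":")[1]  # the "pending" suite is just a local
    if pending not in offered:
        raise ValueError("server chose a suite that was not offered")
    ch.recv("Certificate"); ch.recv("ServerHelloDone")
    ch.send("ClientKeyExchange"); ch.send("ChangeCipherSpec")
    ch.write_suite = pending   # active for everything sent after our ChangeCipherSpec
    ch.send("Finished")
    ch.recv("ChangeCipherSpec")
    ch.read_suite = pending    # active for everything read after the peer's
    ch.recv("Finished")
    return pending

def server(ch, supported):
    offered = ch.recv("ClientHello").split(":")[1].split(",")
    pending = next(s for s in supported if s in offered)
    ch.send("ServerHello:" + pending); ch.send("Certificate"); ch.send("ServerHelloDone")
    ch.recv("ClientKeyExchange"); ch.recv("ChangeCipherSpec")
    ch.read_suite = pending
    ch.recv("Finished")
    ch.send("ChangeCipherSpec")
    ch.write_suite = pending
    ch.send("Finished")
    return pending

def run_handshake(offered, supported):  # both ladders run against each other in memory
    a, b = queue.Queue(), queue.Queue()
    c, s = Channel(a, b), Channel(b, a)
    with ThreadPoolExecutor(1) as pool:
        srv = pool.submit(server, s, supported)
        return client(c, offered), srv.result(timeout=2), c.log
```

The returned log shows each ChangeCipherSpec travelling under the old state and each Finished under the new one, and `recv` rejects any record whose protection does not match the state that is active at that rung.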
