I connect to a third-party SFTP server with a PowerShell script using WinSCPnet.dll. The server admin advised me that some security-related changes are going to be made to the server and sent me a list of ciphers which would be supported once the changes have been made.
I wanted to determine which encryption cipher was currently being used when my script connected to the server, so I examined the logs...
(My tests were performed using WinSCP 5.15.9, WinSCPnet.dll and WinSCP.com)
The logs contained the following:
Initialised AES-128 SDCTR client->server encryption
Initialised AES-128 SDCTR server->client encryption
Using the list provided by the server admin, I searched for AES-128 SDCTR; it was not there.
I've since done some research and it appears that AES-128 SDCTR is a synonym for aes128-ctr. I came to this conclusion by reading page 4 of RFC 4344 (https://datatracker.ietf.org/doc/html/rfc4344):
The label <cipher>-ctr indicates that the block cipher <cipher> is to
be used in "stateful-decryption counter" (SDCTR) mode.
Furthermore, the IANA's Secure Shell Encryption Algorithm Name registry (https://www.iana.org/assignments/ssh-parameters/ssh-parameters.xhtml#ssh-parameters-17) doesn't contain AES-128 SDCTR but does contain aes128-ctr.
Interestingly, the WinSCP.com /info command uses the naming aes128-ctr.
1. Do you agree with my conclusion that AES-128 SDCTR is the same as aes128-ctr?
2. If you do agree with my first question, then why doesn't WinSCP use the standard naming convention in the logs?
One last thing, there is a spelling mistake in the output of WinSCP.com /info
should be algorithms
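
An added example, not part of the original post and not WinSCP's own code: a PowerShell check that extracts the "Initialised ... encryption" lines from a session log, converts the log label to the RFC 4344 style name, and compares it with a list of permitted ciphers. The function names, the `AES-<bits> SDCTR` label pattern and the contents of the allow-list are assumptions made for illustration.

```powershell
# Constructed sample: the two log lines quoted in the post above.
$logLines = @(
    'Initialised AES-128 SDCTR client->server encryption'
    'Initialised AES-128 SDCTR server->client encryption'
)

# Placeholder allow-list (constructed); substitute the list sent by the server admin.
$allowed = @('aes128-ctr', 'aes192-ctr', 'aes256-ctr')

function ConvertTo-SshCipherName {
    param([Parameter(Mandatory)][string]$LogName)
    # RFC 4344: the label "<cipher>-ctr" means <cipher> used in SDCTR mode.
    # Assumption: the log writes AES in that mode as "AES-<bits> SDCTR".
    if ($LogName -match '^AES-(?<bits>128|192|256) SDCTR$') {
        return "aes$($Matches['bits'])-ctr"
    }
    return $null   # unknown label: report it rather than guess a mapping
}

function Get-NegotiatedCipher {
    param([string[]]$Lines, [string[]]$AllowedNames)
    foreach ($line in $Lines) {
        if ($line -match 'Initialised (?<name>.+?) (?<dir>client->server|server->client) encryption') {
            # Copy the captures before the helper runs its own -match.
            $logName   = $Matches['name']
            $direction = $Matches['dir']
            $sshName   = ConvertTo-SshCipherName -LogName $logName
            [pscustomobject]@{
                Direction = $direction
                LogName   = $logName
                SshName   = $sshName
                Allowed   = ($null -ne $sshName) -and ($AllowedNames -contains $sshName)
            }
        }
    }
}

Get-NegotiatedCipher -Lines $logLines -AllowedNames $allowed | Format-Table -AutoSize
```

To run it against a real session, pass the log file's lines (for example from `Get-Content`) as `-Lines`; any row with an empty `SshName` is a label the mapping does not cover and needs a manual lookup in the IANA registry.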