SSH Encryption Cipher Naming Convention

Advertisement

TheCliGuy
Joined:
Posts:
13

SSH Encryption Cipher Naming Convention

I connect to a third party SFTP server with a PowerShell script using WinSCPnet.dll. The server admin advised me that some security related changes are going to be made to the server and sent me a list of ciphers which would be supported once the changes have been made.

I wanted to determine which encryption cipher was currently being used when my script connected to the server, so I examined the logs...

(My tests were performed using WinSCP 5.15.9, WinSCPnet.dll and WinSCP.com)

The logs contained the following:
Initialised AES-128 SDCTR client->server encryption
Initialised AES-128 SDCTR server->client encryption

Using the list provided by the sever admin, I searched for AES-128 SDCTR, it was not there.

I've since done some research and it appears that AES-128 SDCTR is a synonym for aes128-ctr. I came to this conclusion by reading page 4 of RFC 4344 (https://datatracker.ietf.org/doc/html/rfc4344):
The label <cipher>-ctr indicates that the block cipher <cipher> is to
be used in "stateful-decryption counter" (SDCTR) mode.

Furthermore, the IANA's Secure Shell Encryption Algorithm Name registry (https://www.iana.org/assignments/ssh-parameters/ssh-parameters.xhtml#ssh-parameters-17) doesn't contain AES-128 SDCTR but does contain aes128-ctr.

Interestingly the WinSCP.com /info command uses the naming aes128-ctr.

Two questions...
1. Do you agree with my conclusion that AES-128 SDCTR is the same as aes128-ctr?
2. If you do agree with my first question, then why doesn't WinSCP use the standard naming convention in the logs?

One last thing, there is a spelling mistake in the output of WinSCP.com /info, algoritms should be algorithms.

Reply with quote

Advertisement

martin
Site Admin
martin avatar
Joined:
Posts:
41,367
Location:
Prague, Czechia

Re: SSH Encryption Cipher Naming Convention

TheCliGuy wrote:

1. Do you agree with my conclusion that AES-128 SDCTR is the same as aes128-ctr?
Yes.

2. If you do agree with my first question, then why doesn't WinSCP use the standard naming convention in the logs?
I do not know. WinSCP SSH code comes from PuTTY project. If you want to know the answer, please ask its author.

One last thing, there is a spelling mistake in the output of WinSCP.com /info, algoritms should be algorithms.
Thanks. I'll fix that.

Reply with quote

Advertisement

You can post new topics in this forum