SSH Encryption Cipher Naming Convention
I connect to a third party SFTP server with a PowerShell script using WinSCPnet.dll. The server admin advised me that some security related changes are going to be made to the server and sent me a list of ciphers which would be supported once the changes have been made.
I wanted to determine which encryption cipher was currently being used when my script connected to the server, so I examined the logs...
(My tests were performed using WinSCP 5.15.9, WinSCPnet.dll and WinSCP.com)
The logs contained the following:
Using the list provided by the sever admin, I searched for AES-128 SDCTR, it was not there.
I've since done some research and it appears that AES-128 SDCTR is a synonym for aes128-ctr. I came to this conclusion by reading page 4 of RFC 4344 (https://datatracker.ietf.org/doc/html/rfc4344):
Furthermore, the IANA's Secure Shell Encryption Algorithm Name registry (https://www.iana.org/assignments/ssh-parameters/ssh-parameters.xhtml#ssh-parameters-17) doesn't contain AES-128 SDCTR but does contain aes128-ctr.
Interestingly the WinSCP.com /info command uses the naming aes128-ctr.
Two questions...
1. Do you agree with my conclusion that AES-128 SDCTR is the same as aes128-ctr?
2. If you do agree with my first question, then why doesn't WinSCP use the standard naming convention in the logs?
One last thing, there is a spelling mistake in the output of WinSCP.com /info, algoritms should be algorithms.
I wanted to determine which encryption cipher was currently being used when my script connected to the server, so I examined the logs...
(My tests were performed using WinSCP 5.15.9, WinSCPnet.dll and WinSCP.com)
The logs contained the following:
Initialised AES-128 SDCTR client->server encryption Initialised AES-128 SDCTR server->client encryption
Using the list provided by the sever admin, I searched for AES-128 SDCTR, it was not there.
I've since done some research and it appears that AES-128 SDCTR is a synonym for aes128-ctr. I came to this conclusion by reading page 4 of RFC 4344 (https://datatracker.ietf.org/doc/html/rfc4344):
The label <cipher>-ctr indicates that the block cipher <cipher> is to be used in "stateful-decryption counter" (SDCTR) mode.
Furthermore, the IANA's Secure Shell Encryption Algorithm Name registry (https://www.iana.org/assignments/ssh-parameters/ssh-parameters.xhtml#ssh-parameters-17) doesn't contain AES-128 SDCTR but does contain aes128-ctr.
Interestingly the WinSCP.com /info command uses the naming aes128-ctr.
Two questions...
1. Do you agree with my conclusion that AES-128 SDCTR is the same as aes128-ctr?
2. If you do agree with my first question, then why doesn't WinSCP use the standard naming convention in the logs?
One last thing, there is a spelling mistake in the output of WinSCP.com /info, algoritms should be algorithms.
