Ex 10 task 2i) - Which algorithm computes the MAC?

0 votes
Hi,

I’m having trouble understanding, why chacha20-poly1305@openssh.com is used to compute the MAC in the provided pcapng file.

Could you please explain how it works and why this choice was made?

Many thanks in advance!
in Exercises by
edit history

1 Answer

0 votes

Hi,

ChaCha20-Poly1305 was chosen as the encryption algorithm.
You can see this in Wireshark by clicking on one of the encrypted messages.
This is a AEAD cipher, meaning that it includes the authentication method (MAC).
This was talked about in TLS 1.3.

Now this is not directly defined in the original RFC, however,
https://datatracker.ietf.org/doc/html/rfc4253#section-6.4 links to
https://datatracker.ietf.org/doc/html/rfc4251#section-6
which defines how organizations can use their own algorithms.
OpenSSH adheres to this standard with chacha20-poly1305@openssh.com.

The draft
https://www.ietf.org/id/draft-josefsson-ssh-chacha20-poly1305-openssh-01.html
also briefly mentions in section 2 how the negotiation works for this encryption algorithm.

The "chacha20-poly1305" offers both encryption and authentication. As such, no separate MAC is required. If the "chacha20-poly1305" cipher is selected in key exchange, the offered MAC algorithms are ignored and no MAC is required to be negotiated.

I hope that clears that up.

Kind regards,
Sebastian

by (790 points)
edit history