[ale] Documentation of SSH exchange (including math)

Alex Carver agcarver+ale at acarver.net
Wed Sep 5 19:24:06 EDT 2012


On 9/5/2012 14:03, David Tomaschik wrote:
> On Tue, Sep 4, 2012 at 11:33 PM, Alex Carver <agcarver+ale at acarver.net> wrote:
>> Trusting the certificates or host keys on the two ends isn't a problem
>> in this case.  In my implementation design, the two sets of host keys
>> and user keys are installed on both ends of the link via an OOB
>> connection (using a desktop machine to do the heavy lifting for key
>> generation).  So both ends are trusted in this case.
>>
>> I'll investigate SSL/cert and see how that goes through.  In any case
>> whatever I use has to fit on a small microcontroller.
>
> Define "small microcontroller".  Hopefully we're not talking about a
> PIC or AVR here :)  Not sure if even a 32-bit AVR would have anywhere
> near the power for even basic crypto.
>
> Is it authentication only, or do you need confidentiality as well?  If
> authentication only, you could use a CRAM algorithm or basically any
> HMAC with a PSK.

Maybe not a PIC although I might think about that one. :)  But yes to 
AVR or something similar.  The problem with CRAM is that I do need/want 
server verification.  The client may contact multiple servers (though 
not at the same time) and there will probably be more than one client 
(each with unique keys) that contact any given server (may or may not be 
simultaneous, I haven't decided).

I think ATMegas may have enough horsepower for a key exchange.  In this 
case I would consider something like a 10 second key exchange fast 
enough.  The authentication doesn't have to be near-instantaneous like 
an actual shell login, it just has to be secure.
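
The one-way HMAC/PSK challenge-response suggested in the quoted reply, as an added example that is not part of either poster's message. It is written in Python for readability rather than as microcontroller code, and the key table, client names and message layout are constructed assumptions. Only the client's response is keyed; the server's challenge is plain random bytes, so the exchange proves the client to the server and nothing in the other direction.

```python
import hashlib
import hmac
import secrets

# Constructed per-client pre-shared keys (each client has its own key).
CLIENT_KEYS = {
    "client-a": bytes.fromhex("11" * 32),
    "client-b": bytes.fromhex("22" * 32),
}

def server_challenge() -> bytes:
    """Server: fresh random nonce for every attempt, so old responses cannot be replayed."""
    return secrets.token_bytes(16)

def client_response(client_id: str, psk: bytes, nonce: bytes) -> bytes:
    """Client: prove knowledge of the PSK without ever sending it.
    The client answers any nonce; it has no keyed value from the server to check."""
    return hmac.new(psk, client_id.encode() + b"|" + nonce, hashlib.sha256).digest()

def server_verify(client_id: str, nonce: bytes, response: bytes) -> bool:
    """Server: recompute the MAC with the stored key and compare in constant time."""
    psk = CLIENT_KEYS.get(client_id)
    if psk is None:
        return False  # unknown client
    expected = hmac.new(psk, client_id.encode() + b"|" + nonce, hashlib.sha256).digest()
    return hmac.compare_digest(expected, response)

def demo() -> dict:
    """Run the exchange once and exercise the failure cases."""
    nonce = server_challenge()
    good = client_response("client-a", CLIENT_KEYS["client-a"], nonce)
    return {
        "genuine": server_verify("client-a", nonce, good),
        # Same response presented against a new challenge: rejected.
        "replayed": server_verify("client-a", server_challenge(), good),
        # client-b's key cannot authenticate as client-a.
        "wrong_key": server_verify(
            "client-a", nonce, client_response("client-a", CLIENT_KEYS["client-b"], nonce)),
        "unknown_client": server_verify("client-z", nonce, good),
    }

if __name__ == "__main__":
    print(demo())
```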

