questions about SSH1_SMSG_PUBLIC_KEY packet - SSH


  1. questions about SSH1_SMSG_PUBLIC_KEY packet

    In SSH v1, the first binary packet sent out is of the type
    SSH_SMSG_PUBLIC_KEY. The protocol docs describe the packet thusly:

    2 SSH_SMSG_PUBLIC_KEY

    8 bytes anti_spoofing_cookie
    32-bit int server_key_bits
    mp-int server_key_public_exponent
    mp-int server_key_public_modulus
    32-bit int host_key_bits
    mp-int host_key_public_exponent
    mp-int host_key_public_modulus
    32-bit int protocol_flags
    32-bit int supported_ciphers_mask
    32-bit int supported_authentications_mask

    Sent as the first message by the server. This message gives the
    server's host key, server key, protocol flags (intended for
    compatible protocol extension), supported_ciphers_mask (which is
    the bitwise or of (1 << cipher_number), where << is the left
    shift operator, for all supported ciphers), and
    supported_authentications_mask (which is the bitwise or of
    (1 << authentication_type) for all supported authentication types).
    The anti_spoofing_cookie is 64 random bits, and must be sent
    back verbatim by the client in its reply. It is used to make
    IP-spoofing more difficult (encryption and host keys are the
    real defense against spoofing).

    My question is... what's the point of server_key_bits and
    host_key_bits? At first, I thought it might be to specify the size of
    the multiple-precision integer field, but looking back at the
    description of the multiple-precision integer field, I see that the
    length is already taken care of:

    Multiple-precision integer
    First 2 bytes are the number of bits in the integer, msb first
    (for example, the value 0x00012345 would have 17 bits). The
    value zero has zero bits. It is permissible that the number of
    bits be larger than the real number of bits.

    The number of bits is followed by (bits + 7) / 8 bytes of binary
    data, msb first, giving the value of the integer.

    So... my question would still seem to stand. What's the point of
    server_key_bits and host_key_bits?

    The SSH v1 documentation (from which the above quotations are made) can
    be found here:

    http://opensores.thebunker.net/pub/m...ssh1-draft.txt


  2. Re: questions about SSH1_SMSG_PUBLIC_KEY packet

    yawnmoth wrote:

    > In SSH v1, the first binary packet sent out is of the type
    > SSH_SMSG_PUBLIC_KEY. The protocol docs describe the packet thusly:
    >
    > 2 SSH_SMSG_PUBLIC_KEY
    >
    > 8 bytes anti_spoofing_cookie
    > 32-bit int server_key_bits
    > mp-int server_key_public_exponent
    > mp-int server_key_public_modulus
    > 32-bit int host_key_bits
    > mp-int host_key_public_exponent
    > mp-int host_key_public_modulus
    > 32-bit int protocol_flags
    > 32-bit int supported_ciphers_mask
    > 32-bit int supported_authentications_mask
    >
    > Sent as the first message by the server. This message gives the
    > server's host key, server key, protocol flags (intended for
    > compatible protocol extension), supported_ciphers_mask (which is
    > the bitwise or of (1 << cipher_number), where << is the left
    > shift operator, for all supported ciphers), and
    > supported_authentications_mask (which is the bitwise or of
    > (1 << authentication_type) for all supported authentication types).
    > The anti_spoofing_cookie is 64 random bits, and must be sent
    > back verbatim by the client in its reply. It is used to make
    > IP-spoofing more difficult (encryption and host keys are the
    > real defense against spoofing).
    >
    > My question is... what's the point of server_key_bits and
    > host_key_bits? At first, I thought it might be to specify the size of
    > the multiple-precision integer field, but looking back at the
    > description of the multiple-precision integer field, I see that the
    > length is already taken care of:
    >
    > Multiple-precision integer
    > First 2 bytes are the number of bits in the integer, msb first
    > (for example, the value 0x00012345 would have 17 bits). The
    > value zero has zero bits. It is permissible that the number of
    > bits be larger than the real number of bits.
    >
    > The number of bits is followed by (bits + 7) / 8 bytes of binary
    > data, msb first, giving the value of the integer.
    >
    > So... my question would still seem to stand. What's the point of
    > server_key_bits and host_key_bits?
    >
    > The SSH v1 documentation (from which the above quotations are made) can
    > be found here:
    >
    > http://opensores.thebunker.net/pub/m...ssh1-draft.txt

    You just need to put it there. It's done because it may be easier to parse
    than reading right into the mpint.
    Also, don't forget there is a trick in the response you must send:
    depending on which is the largest key (host or server) you must encrypt with
    the biggest (or smaller) first. It is illegal to have |host - server| < 128
    if I remember well.

  3. Re: questions about SSH1_SMSG_PUBLIC_KEY packet


    Aris wrote:
    > yawnmoth wrote:
    >
    >
    > You just need to put it there. It's done because it may be easier to parse
    > than reading right into the mpint.
    > Also, don't forget there is a trick in the response you must send:
    > depending on which is the largest key (host or server) you must encrypt with
    > the biggest (or smaller) first. It is illegal to have |host - server| < 128
    > if I remember well.

    Thanks for the heads up!


  4. Re: questions about SSH1_SMSG_PUBLIC_KEY packet

    On Tue, 17 Jan 2006 00:31:39 -0800, yawnmoth wrote:

    > In SSH v1, the first binary packet sent out is of the type
    > SSH_SMSG_PUBLIC_KEY. The protocol docs describe the packet thusly:
    >
    > 2 SSH_SMSG_PUBLIC_KEY
    >
    > 8 bytes anti_spoofing_cookie
    > 32-bit int server_key_bits
    > mp-int server_key_public_exponent
    > mp-int server_key_public_modulus
    > 32-bit int host_key_bits
    > mp-int host_key_public_exponent
    > mp-int host_key_public_modulus
    > 32-bit int protocol_flags
    > 32-bit int supported_ciphers_mask
    > 32-bit int supported_authentications_mask
    >
    > Sent as the first message by the server. This message gives the
    > server's host key, server key, protocol flags (intended for
    > compatible protocol extension), supported_ciphers_mask (which is the
    > bitwise or of (1 << cipher_number), where << is the left shift
    > operator, for all supported ciphers), and
    > supported_authentications_mask (which is the bitwise or of
    > (1 << authentication_type) for all supported authentication types). The
    > anti_spoofing_cookie is 64 random bits, and must be sent back
    > verbatim by the client in its reply. It is used to make
    > IP-spoofing more difficult (encryption and host keys are the real
    > defense against spoofing).
    >
    > My question is... what's the point of server_key_bits and host_key_bits?
    > At first, I thought it might be to specify the size of the
    > multiple-precision integer field, but looking back at the description of
    > the multiple-precision integer field, I see that the length is already
    > taken care of:
    >
    > Multiple-precision integer
    > First 2 bytes are the number of bits in the integer, msb first
    > (for example, the value 0x00012345 would have 17 bits). The value
    > zero has zero bits. It is permissible that the number of bits be
    > larger than the real number of bits.
    >
    > The number of bits is followed by (bits + 7) / 8 bytes of binary
    > data, msb first, giving the value of the integer.
    >
    > So... my question would still seem to stand. What's the point of
    > server_key_bits and host_key_bits?
    >
    > The SSH v1 documentation (from which the above quotations are made) can be
    > found here:
    >
    > http://opensores.thebunker.net/pub/m...ssh1-draft.txt


    Thinking in terms of the server key, I think that what happens is that
    the server_key_bits gives the size, in bits, of the server key, whereas
    the first two bytes of the multiple precision integer that represents the
    modulus of the server key gives the position of the most significant bit
    set in that modulus.

    These two quantities are not the same, in general - a 1024-bit modulus
    may be such that its most significant bit set is in position 1022, rather
    than 1023 (counting from the right, starting at the zeroth bit).

    Analogously for host_key_bits.
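
Added example (not part of the thread and not code from any SSH implementation): a Python parser for the SSH_SMSG_PUBLIC_KEY fields quoted above that reports, for each key, the three sizes the replies distinguish: the 32-bit `*_key_bits` field, the mp-int's 2-byte bit count, and the modulus's true bit length. It assumes the outer packet framing has already been stripped; the sample message, its key values and its masks are constructed.

```python
import struct

SSH_SMSG_PUBLIC_KEY = 2  # type number from the field list quoted in the thread

def read_mpint(buf, off):
    # mp-int: 2-byte bit count (msb first), then (bits + 7) // 8 bytes of data
    (bits,) = struct.unpack_from(">H", buf, off)
    end = off + 2 + (bits + 7) // 8
    if end > len(buf):  # slicing would silently return a short value
        raise ValueError("mp-int data runs past end of packet")
    value = int.from_bytes(buf[off + 2:end], "big")
    if value.bit_length() > bits:
        raise ValueError("mp-int value wider than its bit count")
    return bits, value, end

def read_key(buf, off):
    (declared,) = struct.unpack_from(">I", buf, off)
    _, exponent, off = read_mpint(buf, off + 4)
    mpint_bits, modulus, off = read_mpint(buf, off)
    key = {"declared_bits": declared, "mpint_bits": mpint_bits,
           "actual_bits": modulus.bit_length(), "e": exponent, "n": modulus}
    return key, off

def parse_public_key(data):
    # data = type byte + fields; outer packet framing is assumed already removed
    if len(data) < 9 or data[0] != SSH_SMSG_PUBLIC_KEY:
        raise ValueError("not an SSH_SMSG_PUBLIC_KEY packet")
    msg = {"cookie": data[1:9]}
    msg["server"], off = read_key(data, 9)
    msg["host"], off = read_key(data, off)
    flags, ciphers, auths = struct.unpack_from(">III", data, off)
    msg.update(protocol_flags=flags, ciphers_mask=ciphers, auth_mask=auths)
    return msg

def mpint(value):  # encoder, used only to build the constructed sample
    bits = value.bit_length()
    return struct.pack(">H", bits) + value.to_bytes((bits + 7) // 8, "big")

# Constructed sample: a nominal 768-bit server key whose top bit happens to be clear.
SAMPLE = (bytes([SSH_SMSG_PUBLIC_KEY]) + bytes(range(8))
          + struct.pack(">I", 768) + mpint(65537) + mpint((1 << 766) | 1)
          + struct.pack(">I", 1024) + mpint(65537) + mpint((1 << 1023) | 1)
          + struct.pack(">III", 0, 1 << 3, 1 << 2))

if __name__ == "__main__":
    for name in ("server", "host"):
        k = parse_public_key(SAMPLE)[name]
        print(name, k["declared_bits"], k["mpint_bits"], k["actual_bits"])
```

The sample encoder writes the modulus's true bit length into the mp-int header; the quoted spec also permits a larger count, so a parser should treat the header as an upper bound on the value's width, not as the key size.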




