question about blowfish in SSH-1

Do you have a question? Post it now! No Registration Necessary.  Now with pictures!

Threaded View
So I guess blowfish has a variable key length. Any key between 4 and 56 bytes is

My question is...  what key length does SSH-1 use for it? And in what mode? And
what's the IV? I'm gonna guess, for the IV, that it's just all null bytes?

I've seen RFC's for SSH-2 that talk about blowfish being used in CTR and CBC
mode there with a key length of 16 bytes.

Any insight would be appreciated - thanks!!

Re: question about blowfish in SSH-1

Quoted text here. Click to load it

Checking the PuTTY source code since I can't remember offhand, it
looks as if SSH-1 Blowfish uses 32 bytes (256 bits) of key, and yes,
an all-zeroes IV as is typical for SSH-1.

Another change in Blowfish usage between SSH-1 and SSH-2 is the
endianness of the data streams. The Blowfish cipher is defined in
terms of taking two 32-bit words as input and giving two 32-bit words
as output; in SSH-2, eight bytes of plaintext/ciphertext are
identified with those two 32-bit words by considering the words to be
stored big-endian, whereas in SSH-1 it's little-endian.

Out of interest, why are you looking into this now? I really hope you
_don't_ have a serious need to implement SSH-1. Nobody should be using
it if they can possibly avoid it!

Quoted text here. Click to load it

Only half right. RFC 4253 does define SSH-2 "blowfish-cbc" to use a
16-byte key, but RFC 4344 defines "blowfish-ctr" to use 32.
Simon Tatham         "I'm going to pull his head off. Ear by ear."

Re: question about blowfish in SSH-1

On Wednesday, May 15, 2013 3:37:43 AM UTC-5, Simon Tatham wrote:
Quoted text here. Click to load it

I think that helps - thanks!!
Quoted text here. Click to load it

Mostly just intellectual curiosity lol. Seeing how different ciphers are us
ed in the real world is interesting. Like 3DES is a bit quirky in SSH1 in t
hat it uses inner chaining vs the more common outer chaining. ie. it encryp
ts the entire plaintext three times instead of each block three times. Usel
ess bit of trivia, I suppose, but it's still interesting, none-the-less!

Site Timeline