This article is more than 1 year old
What's that? SSH can still use RC4? Not for much longer, promise
IETF hackathoners point the 'die-die-die' gun at another buggy cipher
A hackathon next week will see 'net developers get to work consigning more insecure cryptography to the /dev/null of history.
The Internet Engineering Task Force's 103rd meeting kicks off in Thailand with the customary hackathon starting on 3 November, and one of the agenda items is getting the RC4 cipher out of SSH (secure shell).
It's so very easy on paper. All you need is a brief Internet-Draft, which changes the word "optional" to "MUST NOT" – that's the table change in RFC 4253, section 6.3, which states 128-bit RC4 ("arcfour" in the text) is no longer supported.
In deployed SSH software, it's a bit more than the stroke of a pen.
Getting ready for the sleepless nights, if not the travel, is a group called Cyberstorm.mu from Mauritius (whose work we've discussed here before), and this time round they'll be working on the SSH RC4 deprecation.
Logan Velvindron, who co-authored the "curdle RC4 die-die-die" Draft, told El Reg he expects removing RC4 from core SSH libraries to be straightforward. It's out in the wild, where there will be public-facing servers expecting RC4 ciphers, that the regression will bump into problems.
One challenge is that nobody really knows what's "out there", he said, so the Cyberstorm group has set about gathering data. "We are working on a study of the world-wide usage rate for RC4 on public facing SSH servers to get some concrete data," he said.
Cyberstorm.mu, which Velvindron said will be the largest group of remote participants in the hackathon, will also be leading groups adding GnuTLS 1.3 support in various applications, and expanding features to a Drupal HTTP 451 error module (the error signals that a page is blocked for legal reasons like censorship; Velvindron's colleague Veegish Ramdani from the University of Mauritius wrote the original module).
The IETF meeting that follows the hackathon has quite a workload ahead of it.
The QUIC working group hopes to finalise its base specifications, so that the proposals can reach "Last Call" status early in 2019 (signalling that community review is nearly done, and the nine QUIC drafts will start getting RFC standard status).
As IETF chair Alissa Cooper wrote, there will also be lots of action in various routing areas. The Deterministic Networking and IEEE 802 Time-Sensitive Networking groups will hold a joint workshop, along with network management (YANG and the like), and plenty more for El Reg to watch for interesting developments. ®