SSH Encryption Methods

Trevor Chandler · Saturday at 9:30 PM

SSH uses encryption methods that make decryption prohibitively difficult for outsiders.

Prohibitively difficult? Not good enough!!! I need something that will make decryption
IMPOSSIBLE for outsiders when I'm using SSH.

Anyone got anything?

Thank you.

precious · Saturday at 10:17 PM

I think you are looking for One-Time Pad (OTP) that is practically impossible to crack. OTP encryption is mathematically indecipherable if you use truly random keys that are as long as the message and are never used again. Although it is ideal in theory, key distribution is the main challenge hence impractical.

Current cryptographic algorithms, like RSA and AES, are based on mathematical problems that are computationally hard (e.g., factoring large primes for RSA or solving discrete logarithms). However, they are still vulnerable to advances in computing—like quantum computing, which could break them by efficiently solving these problems using algorithms like Shor's algorithm(I saw a blog claiming they did it-not sure)...... If you have unsolvable math (truly random keys), then you can have an unbreakable encryption algorithm from it—no math, no decryption!.....

Kerckhoffs' 6 principles from 1883
1. The system must be practically, if not mathematically, indecipherable.

Trevor Chandler · Saturday at 10:38 PM

precious said:
I think you are looking for One-Time Pad (OTP) that is practically impossible to crack. OTP encryption is mathematically indecipherable if you use truly random keys that are as long as the message and are never used again. Although it is ideal in theory, key distribution is the main challenge hence impractical.

Current cryptographic algorithms, like RSA and AES, are based on mathematical problems that are computationally hard (e.g., factoring large primes for RSA or solving discrete logarithms). However, they are still vulnerable to advances in computing—like quantum computing, which could break them by efficiently solving these problems using algorithms like Shor's algorithm(I saw a blog claiming they did it-not sure)...... If you have unsolvable math (truly random keys), then you can have an unbreakable encryption algorithm from it—no math, no decryption!.....

Kerckhoffs' 6 principles from 1883
1. The system must be practically, if not mathematically, indecipherable.

Okay, how do I incorporate this into ssh????????

precious · Saturday at 10:47 PM

Trevor Chandler said:
Okay, how do I incorporate this into ssh????????

Incorporating a One-Time Pad (OTP) directly into SSH is tricky because SSH typically relies on asymmetric (RSA, DSA) or symmetric (AES, 3DES) cryptographic algorithms for secure communication, which are more practical for real-time use.

Trevor Chandler · Saturday at 10:59 PM

precious said:
Incorporating a One-Time Pad (OTP) directly into SSH is tricky because SSH typically relies on asymmetric (RSA, DSA) or symmetric (AES, 3DES) cryptographic algorithms for secure communication, which are more practical for real-time use.

Okay, so what you're saying is that you won't be able to assist me, and I'll just have to settle for prohibitively difficult. Don't send me a bill

precious · Saturday at 11:40 PM

Trevor Chandler said:
Okay, so what you're saying is that you won't be able to assist me, and I'll just have to settle for prohibitively difficult. Don't send me a bill

No bills just Coffee

till you are willing to build a quantum computer with me for those unbreakable OTPs

!

Michael Schmitz · Sunday at 1:47 AM

precious said:
I think you are looking for One-Time Pad (OTP) that is practically impossible to crack. OTP encryption is mathematically indecipherable if you use truly random keys that are as long as the message and are never used again. Although it is ideal in theory, key distribution is the main challenge hence impractical.

as you mention below, quantum computing will change that in ways, we do not really know yet. like AI changed a lot in a fast way the last two years.

precious said:
Current cryptographic algorithms, like RSA and AES, are based on mathematical problems that are computationally hard (e.g., factoring large primes for RSA or solving discrete logarithms). However, they are still vulnerable to advances in computing—like quantum computing, which could break them by efficiently solving these problems using algorithms like Shor's algorithm(I saw a blog claiming they did it-not sure)

there are this year three post quantum cryptographic standards released.

Post-Quantum Cryptography | CSRC

Short URL: https://www.nist.gov/pqcrypto FIPS 203, FIPS 204 and FIPS 205, which specify algorithms derived from CRYSTALS-Dilithium, CRYSTALS-KYBER and SPHINCS+, were published August 13, 2024. 4th Round KEMs Additional Digital Signature Schemes...

csrc.nist.gov

precious said:
...... If you have unsolvable math (truly random keys), then you can have an unbreakable encryption algorithm from it—no math, no decryption!.....

you need to store somewhere the keys. exhange them. i would assume: there are no unbreakable things. somewhere is always something stored.

precious said:
Kerckhoffs' 6 principles from 1883
1. The system must be practically, if not mathematically, indecipherable.

More important: the user password must be secure, not the algorythm.
It still depends on the User using it / implementing it.

Michael Schmitz · Sunday at 1:55 AM

Trevor Chandler said:
SSH uses encryption methods that make decryption prohibitively difficult for outsiders.

Depending what u choose to use. It is not SSH that may make the mistake (if not in the code), its u, selecting what you wanna have.

Trevor Chandler said:
Prohibitively difficult? Not good enough!!! I need something that will make decryption
IMPOSSIBLE for outsiders when I'm using SSH.

then use the right settings.

If the outside attacker is already in your network to decrypt SSH, you have failed before and other Problems. then SSH would be the least of your problems..

Trevor Chandler said:
Anyone got anything?

Thank you.

did you know, that windows has an ssh client also on the command line?

precious · Sunday at 5:40 AM

Michael Schmitz said:
as you mention below, quantum computing will change that in ways, we do not really know yet. like AI changed a lot in a fast way the last two years.

there are this year three post quantum cryptographic standards released.

Post-Quantum Cryptography | CSRC

Short URL: https://www.nist.gov/pqcrypto FIPS 203, FIPS 204 and FIPS 205, which specify algorithms derived from CRYSTALS-Dilithium, CRYSTALS-KYBER and SPHINCS+, were published August 13, 2024. 4th Round KEMs Additional Digital Signature Schemes...

csrc.nist.gov

you need to store somewhere the keys. exhange them. i would assume: there are no unbreakable things. somewhere is always something stored.

More important: the user password must be secure, not the algorythm.
It still depends on the User using it / implementing it.

Yeah! We have a perfect unbreakable practically and theoretically algorithm - OTP..........

And the algorithm might be secure, but if the user’s password is '1234'... well, we're all in trouble.

- As you said
Kerckhoffs' 6 principles from 1883 -It must not be required to be secret, and it must be able to fall into the hands of the enemy without inconvenience.

Thank you for sharing Post Quantum Cryptographic standards link

Search

Search

SSH Encryption Methods

Trevor Chandler

Well-known member

precious

Well-known member

Trevor Chandler

Well-known member

precious

Well-known member

Trevor Chandler

Well-known member

precious

Well-known member

Michael Schmitz

Well-known member

Post-Quantum Cryptography | CSRC

Michael Schmitz

Well-known member

precious

Well-known member

Post-Quantum Cryptography | CSRC