Chapter 9. Security
SSH
connections using libica AES-GCM
now work correctly
Previously, unmodified data could be tagged as modified when using decryption with the
AES-GCM
cipher suite. As a consequence, SSH
connections could not be established when using AES-GCM
, and with some applications, data encrypted using AES-GCM
could not be decrypted. With this update, the tag is computed from the ciphertext when decrypting and from the plaintext when encrypting. As a result, SSH
connections using AES-GCM
are now successfully established, and it is possible to decrypt data encrypted with AES-GCM
. (BZ#1490894)