Update reference to CBC vulnerability in cipher.go The original referenced paper is no longer available. I contacted the author, and this is the reference he supplied. Change-Id: Ib5ad88932f2bfc12ff62639f7fb7c3ee568610d6 GitHub-Last-Rev: 2cf7d15c63a114952c90a018ea5afe085965202e GitHub-Pull-Request: golang/crypto#132 Reviewed-on: https://go-review.googlesource.com/c/crypto/+/228638 Reviewed-by: Han-Wen Nienhuys <hanwen@google.com> Run-TryBot: Han-Wen Nienhuys <hanwen@google.com> TryBot-Result: Gobot Gobot <gobot@golang.org>

commit: 884d27f42877f544ba37fd9a6651180096180731 [log] [tgz]
author: Bob McNaughton <bobmcn@gmail.com> Thu Apr 16 20:40:09 2020 +0000
committer: Han-Wen Nienhuys <hanwen@google.com> Mon Apr 20 10:45:11 2020 +0000
tree: 30f618380b480db4344f935cd126fd913d8971f5
parent: 0848c9571904fcbcb24543358ca8b5a7dbfde875 [diff]
diff --git a/ssh/cipher.go b/ssh/cipher.go
index b0204ee..8bd6b3d 100644
--- a/ssh/cipher.go
+++ b/ssh/cipher.go

@@ -119,7 +119,7 @@
 	chacha20Poly1305ID: {64, 0, newChaCha20Cipher},
 
 	// CBC mode is insecure and so is not included in the default config.
-	// (See http://www.isg.rhul.ac.uk/~kp/SandPfinal.pdf). If absolutely
+	// (See https://www.ieee-security.org/TC/SP2013/papers/4977a526.pdf). If absolutely
 	// needed, it's possible to specify a custom Config to enable it.
 	// You should expect that an active attacker can recover plaintext if
 	// you do.
commit	884d27f42877f544ba37fd9a6651180096180731	[log] [tgz]
author	Bob McNaughton <bobmcn@gmail.com>	Thu Apr 16 20:40:09 2020 +0000
committer	Han-Wen Nienhuys <hanwen@google.com>	Mon Apr 20 10:45:11 2020 +0000
tree	30f618380b480db4344f935cd126fd913d8971f5
parent	0848c9571904fcbcb24543358ca8b5a7dbfde875 [diff]