[Bug 2109] New: Add support for ssh-rsa-sha256 and ssh-dsa-sha256 public key algorithms

bugzilla-daemon at mindrot.org bugzilla-daemon at mindrot.org
Tue May 28 10:33:44 EST 2013


https://bugzilla.mindrot.org/show_bug.cgi?id=2109

            Bug ID: 2109
           Summary: Add support for ssh-rsa-sha256 and ssh-dsa-sha256
                    public key algorithms
           Product: Portable OpenSSH
           Version: 6.2p1
          Hardware: All
                OS: FreeBSD
            Status: NEW
          Severity: enhancement
          Priority: P5
         Component: sshd
          Assignee: unassigned-bugs at mindrot.org
          Reporter: Geoff_Lowe at McAfee.com

Based on guidelines in NIST Special Publication 800-131A, "Transitions:
Recommendation for Transitioning the Use of Cryptographic Algorithms
and Key Lengths" dated January 2011, the US Governement is pushing for
stronger crypto in a number of different areas (encryption, digital
signatures, random number generation, key agreement using
diffie-hellman and MQC, etc.).

The most recent version of OpenSSH is not able to meet the updated
digital signature requirements based on the fact that it only
implements support for the "ssh-dss" and "ssh-rsa" key formats. 
(Actually, I'm not sure if it implements the pgp-sign-rsa or
pgp-sign-dss certificate format or not, but in either case, I don't
believe that materially impacts the problem.)  And according to RFC
4253, Section 6.6, both of these key formats are defined to use SHA-1
hash algorithm for signing/verifying.  SP 800-131A *requires* the use
of SHA-224, SHA-256, SHA-384, or SHA-512 in the generation of digital
signatures (see Section 9, Hash Functions) starting January 1, 2014.

-- 
You are receiving this mail because:
You are watching the assignee of the bug.


More information about the openssh-bugs mailing list