[Bug 3282] New: Feature Request add Argon2 as Kdf for encrypted keys

bugzilla-daemon at mindrot.org bugzilla-daemon at mindrot.org
Thu Mar 18 02:27:52 AEDT 2021


https://bugzilla.mindrot.org/show_bug.cgi?id=3282

            Bug ID: 3282
           Summary: Feature Request add Argon2 as Kdf for encrypted keys
           Product: Portable OpenSSH
           Version: 8.5p1
          Hardware: Other
                OS: Windows 10
            Status: NEW
          Severity: enhancement
          Priority: P5
         Component: ssh-keygen
          Assignee: unassigned-bugs at mindrot.org
          Reporter: burkhardt at konsultaner.de

I currently work on a projekt
(https://github.com/konsultaner/connectanum-dart), that is related to
the WAMP-Protocol (https://wamp-proto.org). The protocol supports an
athentication algorithem called wamp-cryptosign that is based on the
ed25519 private keys. My project currently supports the import of putty
private key files and the openssh format (PKCS #8 is planned). The
openssh format defines only bcrypt as kdf algorithm. Since wamp is a
WebSocket protocol, we would like to store the password encrypted
private key in the localstorage. Bcrypt seems to be a quite unsave
solution these days. This is the reason why I am requesting argon2
support for the hashing function if this is wanted at all. There is a
reference implemetation in c here:
https://github.com/P-H-C/phc-winner-argon2

-- 
You are receiving this mail because:
You are watching the assignee of the bug.


More information about the openssh-bugs mailing list