curve25519

Loganaden Velvindron loganaden at gmail.com
Sat Jun 13 23:34:25 AEST 2015


On Sat, Jun 13, 2015 at 1:21 PM, Aris Adamantiadis <aris at 0xbadc0de.be> wrote:
> Hi,
>
> The main advantage of your contribution is a speed increase. The
> disadvantage is that your implementation has not been reviewed for security
> by experts yet, and thus is not as reliable as the reference implementation.
> I believe OpenSSH (and libssh from my pov) is not the right place to
> introduce experimental cryptographic code. The speed increase advantage is
> not very relevant to SSH, because the key exchange happens only once per
> session (on average), and we were using much slower algorithms till last
> year (DH and ECDH), that nobody ever complained about.
>
> You should probably try to get that code to be part of OpenSSL. I Believe

Or LibreSSL :)


More information about the openssh-unix-dev mailing list