New key type (ed25519) and private key format
Loganaden Velvindron
loganaden at gmail.com
Sat Dec 7 21:33:12 EST 2013
On Sat, Dec 7, 2013 at 10:40 AM, Damien Miller <djm at mindrot.org> wrote:
> Hi,
>
> Markus has just committed a few changes that add support for the Ed25519
> signature algorithm[1] as a new private key type. This algorithm has a
> few benefits: it is fast (comparable to ECDSA and RSA), offers 256-bit
> security and doesn't require random numbers to generate a signature.
> This last property means it completely avoids (EC-)DSA's horrible,
> private-key leaking problem when fed from a predictable random number
> generator.
>
> Ed25519 is not supported in OpenSSL, so we used a public-domain
> implementation (from SUPERCOP). Unfortunately this means that we could
> not use the PEM key format that we have used for RSA, DSA and ECDSA keys
> until now, so Markus made a new one.
>
> The new key format looks a lot like the old one (a blob of base64
> encoded key material with beginning and end markers), but offers quite
> a bit more protection to the key from offline attacks against the
> passphrase. The new format uses a bcrypt-based key derivation function
> that makes is brute-force attacks against stolen private keys far
> slower.
>
> So far, it is only required for Ed25519 keys but it is possible to
> request it for other key types too by adding the '-o' flag to ssh-keygen
> when generating a key. It's also possible to convert existing keys to
> the new format by specifying the -o flag when changing the passphrase
> ('-p').
>
> Ed25519 and the new key format to support it represented a fair amount
> of new code in OpenSSH, so please try out a snapshot dated 20131207 or
> later. There are certain to be some portability bugs in there that need
> to be shaken out...
>
> -d
>
> [1] http://ed25519.cr.yp.to/ed25519-20110926.pdf
Awesome. Tested. I had installed the latest from cvs using --prefix=/usr/local
It works fine, but it doesn't generate the ed25519 key upon make install, thus
preventing me from launching sshd.
I've attached a diff on bugzilla:
https://bugzilla.mindrot.org/show_bug.cgi?id=2179
>
> _______________________________________________
> openssh-unix-dev mailing list
> openssh-unix-dev at mindrot.org
> https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev
--
This message is strictly personal and the opinions expressed do not
represent those of my employers, either past or present.
More information about the openssh-unix-dev
mailing list