[PATCH] curve25519-sha256@libssh.org key exchange proposal

mancha mancha1 at hush.com
Thu Nov 7 10:28:31 EST 2013


Damien Miller <djm <at> mindrot.org> writes:

> We don't want to add things just because they are available, they have
> to offer something that the current set of options don't. 

I can see how my comment could be misinterpreted but I'm certainly not
suggesting that. What I tried to say (awkwardly) is that in the current
context there's value in continually re-visiting assumptions and a 
role for risk-reducing diversification that, if warranted, expands options
beyond the bounds of controversial standards-driven suites.

> At the moment, we're only looking at adding ed25519 as a public-key
> algorithm and chacha20+poly1305 as an AEAD similar to Adam Langley's
> proposal for TLS

That sounds like a great complement to aes{128,256}-gcm@openssh.com.
Have you been tracking his progress so far? e.g.:
http://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=9a8646510b

PS I was very anxious to test Curve25519 so I ported Markus' recent
commits to 6.3p1. For those running portable who are interested in giving
this a whirl, I've posted here:

http://sf.net/projects/mancha/files/misc/openssh-6.3p1-curve25519.diff

Cheers.

--mancha



More information about the openssh-unix-dev mailing list