X448 Key Exchange (RFC 8731)
Joseph S. Testa II
jtesta at positronsecurity.com
Sat Jul 4 04:11:51 AEST 2020
Hi all,
Back in September 2018, I started a thread about implementing the
X448 key exchange (see
https://lists.mindrot.org/pipermail/openssh-unix-dev/2018-September/037183.html).
In February 2020, RFC 8731 (formally specifying X448 in SSH) has
been finalized: https://www.ietf.org/rfc/rfc8731.txt. I thought I'd
start this conversation up again to see if the interest level has
changed for implementing this in OpenSSH.
During the last conversation, the point was brought up that
post-quantum crypto would be more interesting than X448. Well in almost
two years, I have yet to personally gain faith in any new post-quantum
algorithm. Meanwhile, X448 has been a part of TLS 1.3 since August 2018
and has been through much more testing.
Not only am I still interested in using X448 since it provides ~224
bit security level, but I'd still be happy to write the initial
implementation for it as well. I'd need assurance that it has a chance
of being merged before I get started on it, however.
Thanks!
- Joe
--
Joseph S. Testa II
Founder & Principal Security Consultant
Positron Security
More information about the openssh-unix-dev
mailing list