Parity between OpenSSH and the draft #11

csosto-pk · 2022-05-24T15:30:08Z

OpenSSH has implemented [email protected] PQ-hybrid key exchange by default .

The current deviations from our draft are

It K = K_X25519 || K_NTRU uses . This may change in our draft depending which of the 1, 2a, 2b, 3 option the WG choses.
It uses method name [email protected]. Our draft may use different ones based on algorithms.
It uses a different hash function SHA-512.

Long term we would want parity between OpenSSH and our draft.

The text was updated successfully, but these errors were encountered:

csosto-pk · 2022-08-05T13:26:55Z

Replaced [email protected] with [email protected] in the draft.

csosto-pk · 2022-08-05T13:27:53Z

After checking, using SHA-512 would have negligible performance impact. So keeping SHA-512 in the draft to follow what OpenSSH does for [email protected] for now.

csosto-pk · 2022-08-05T13:29:24Z

After checking, using option 1 for key derivation does not really affect performance. Also, it does not seem to have any practical security impact on the security of the derived keys. So for now, keeping option 1 to follow what OpenSSH does for [email protected]

csosto-pk added bug Something isn't working help wanted Extra attention is needed TODO labels May 24, 2022

csosto-pk removed help wanted Extra attention is needed TODO labels Aug 5, 2022

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Parity between OpenSSH and the draft #11

Parity between OpenSSH and the draft #11

csosto-pk commented May 24, 2022 •

edited

Loading

csosto-pk commented Aug 5, 2022

csosto-pk commented Aug 5, 2022

csosto-pk commented Aug 5, 2022

Parity between OpenSSH and the draft #11

Parity between OpenSSH and the draft #11

Comments

csosto-pk commented May 24, 2022 • edited Loading

csosto-pk commented Aug 5, 2022

csosto-pk commented Aug 5, 2022

csosto-pk commented Aug 5, 2022

csosto-pk commented May 24, 2022 •

edited

Loading