SSH Guidelines : Consider adding sntrup key exchange method

mozilla / infosec.mozilla.org

Guidelines, principles published on https://infosec.mozilla.org

Mozilla Public License 2.0

92 stars 64 forks source link

SSH Guidelines : Consider adding sntrup key exchange method #170

Open Fernandokitten opened 1 year ago

Fernandokitten commented 1 year ago

As of version 8.0, OpenSSH supports a post-quantum key exchange using the sntrup4591761x25519-sha512@tinyssh.org key exchange.

In OpenSSH 8.5, the previous sntrup4591761x25519-sha512@tinyssh.org method is replaced with sntrup761x25519-sha512@openssh.com.

hexkey commented 4 months ago

That's correct, it's mentioned in https://www.openssh.com/releasenotes.html

The previous sntrup4591761x25519-sha512@tinyssh.org method is replaced with sntrup761x25519-sha512@openssh.com. Per its designers, the sntrup4591761 algorithm was superseded almost two years ago by sntrup761.