[prev in list] [next in list] [prev in thread] [next in thread] 

List:       openssh-bugs
Subject:    [Bug 2515] Implement diffie-hellman-group{14,15,16)-sha256
From:       bugzilla-daemon () bugzilla ! mindrot ! org
Date:       2016-04-22 6:47:32
Message-ID: bug-2515-705-UoUCrUtLi0 () https ! bugzilla ! mindrot ! org/
[Download RAW message or body]

https://bugzilla.mindrot.org/show_bug.cgi?id=2515

Damien Miller <djm@mindrot.org> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
   Attachment #2768|0                           |1
        is obsolete|                            |
                 CC|                            |dtucker@zip.com.au
   Attachment #2808|                            |ok?(dtucker@zip.com.au)
              Flags|                            |

--- Comment #10 from Damien Miller <djm@mindrot.org> ---
Created attachment 2808
  --> https://bugzilla.mindrot.org/attachment.cgi?id=2808&action=edit
update to draft-ietf-curdle-ssh-kex-sha2-03 prefer groups 14, 16, 18

This updates Darren's diff to draft-ietf-curdle-ssh-kex-sha2-03,
specifically changing the hash for the group16 KEX to SHA512. This diff
also removes group 15 instead of group 18, so the groups supported are:

diffie-hellman-group14-sha256 - 2048 bit
diffie-hellman-group16-sha512 - 4096 bit
diffie-hellman-group18-sha512 - 8192 bit

IMO the powers of two are a bit cleaner than the intermediate ones. 

Finally, this tweaks the fallback group logic to choose the next larger
group a bit sooner and to consider the 8192 bit fixed group.

-- 
You are receiving this mail because:
You are watching the assignee of the bug.
You are watching someone on the CC list of the bug.
You are watching the reporter of the bug.
_______________________________________________
openssh-bugs mailing list
openssh-bugs@mindrot.org
https://lists.mindrot.org/mailman/listinfo/openssh-bugs
[prev in list] [next in list] [prev in thread] [next in thread]