bugzilla-daemon at mindrot.org
2022-Sep-08 13:33 UTC
[Bug 3472] New: Consider discontinuing support for sntrup761x25519-sha512@openssh.com
https://bugzilla.mindrot.org/show_bug.cgi?id=3472 Bug ID: 3472 Summary: Consider discontinuing support for sntrup761x25519-sha512 at openssh.com Product: Portable OpenSSH Version: v9.0p1 Hardware: Other OS: Linux Status: NEW Severity: enhancement Priority: P5 Component: Build system Assignee: unassigned-bugs at mindrot.org Reporter: ricky.tigg at gmail.com Hello. Post-quantum cryptographic primitives sntrup761x25519-sha512 at openssh.com and chacha20-poly1305 at openssh.com were introduced in OpenSSH respectively in v. 8.5, as default in v. 9.0, and v. 6.5, promoted default cipher in v. 6.9. I mistaken by conceiving that the project has for policy to solely accept to integrate algorithm implementations which have been standardised either by a recognised national or internal standards entity. At this very time, it seems there is no such standard for NTRU. It's worth noting that NIST recently decided not to select NTRU for standardisation. It instead selected CRYSTALS-Kyber in this respect. What could have happened for it to be integrated in this project, when apparently nothing intended it for this destiny? Has it ever occurred to any of you developers that a such integration might be inappropriate? It's surprising to say the least. (*) https://nvlpubs.nist.gov/nistpubs/ir/2022/NIST.IR.8413.pdf#page=47&zoom=100,120,546 -- You are receiving this mail because: You are watching the assignee of the bug.
bugzilla-daemon at mindrot.org
2022-Sep-08 22:34 UTC
[Bug 3472] Consider discontinuing support for sntrup761x25519-sha512@openssh.com
https://bugzilla.mindrot.org/show_bug.cgi?id=3472 Damien Miller <djm at mindrot.org> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |djm at mindrot.org Status|NEW |RESOLVED Resolution|--- |WONTFIX --- Comment #1 from Damien Miller <djm at mindrot.org> --- chacha20-poly1305 isn't a PQ algorithm. It's an AEAD and is AFAIK out of scope for PQ work. We'll almost certainly support Kyber as a KEM once the dust settles from the standardisation process, but have no intention of removing support for the existing PQ KEM in the short-medium term. -- You are receiving this mail because: You are watching someone on the CC list of the bug. You are watching the assignee of the bug.
bugzilla-daemon at mindrot.org
2022-Oct-04 10:57 UTC
[Bug 3472] Consider discontinuing support for sntrup761x25519-sha512@openssh.com
https://bugzilla.mindrot.org/show_bug.cgi?id=3472 Damien Miller <djm at mindrot.org> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|RESOLVED |CLOSED --- Comment #2 from Damien Miller <djm at mindrot.org> --- Closing bugs from OpenSSH 9.1 release cycle -- You are receiving this mail because: You are watching the assignee of the bug. You are watching someone on the CC list of the bug.