openssh bugs - Apr 2005 - [Bug 1023] Add support for dhgex-sha512

http://bugzilla.mindrot.org/show_bug.cgi?id=1023

           Summary: Add support for dhgex-sha512
           Product: Portable OpenSSH
           Version: -current
          Platform: All
        OS/Version: OpenBSD
            Status: NEW
          Severity: enhancement
          Priority: P2
         Component: sshd
        AssignedTo: openssh-bugs at mindrot.org
        ReportedBy: djm at mindrot.org


This is a patch to add support for diffie-hellman-group-exchange-sha512, a
variant of diffie-hellman-group-exchange-sha1 that computes the exchange hash
and the key derivation PRF with SHA512 instead of SHA1.

This removes the (largely acedemic) 160-bit bottleneck that prevented ciphers
with longer keys from being fully utilised.

Note that this patch requires a modified OpenSSL to build (set evp.h's
EVP_MAX_MD_SIZE to 64 and rebuild - NB this breaks bincompat). It could be
cajoled into working with OpenSSL CVS HEAD with some minor changes.



------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.

http://bugzilla.mindrot.org/show_bug.cgi?id=1023





------- Additional Comments From djm at mindrot.org  2005-04-21 11:23 -------
Created an attachment (id=886)
 --> (http://bugzilla.mindrot.org/attachment.cgi?id=886&action=view)
Patch to -current 20050421




------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.

http://bugzilla.mindrot.org/show_bug.cgi?id=1023


djm at mindrot.org changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
 Attachment #886 is|0                           |1
           obsolete|                            |
         AssignedTo|openssh-bugs at mindrot.org    |djm at mindrot.org
             Status|NEW                         |ASSIGNED




------- Additional Comments From djm at mindrot.org  2005-05-11 13:32 -------
Created an attachment (id=906)
 --> (http://bugzilla.mindrot.org/attachment.cgi?id=906&action=view)
Revised diff

Fix bad kex method name in proposal. Interop tested against patched putty.




------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.