bugzilla-daemon at bugzilla.mindrot.org
2019-Nov-03 07:41 UTC
[Bug 3087] New: Ed448 support
https://bugzilla.mindrot.org/show_bug.cgi?id=3087
Bug ID: 3087
Summary: Ed448 support
Product: Portable OpenSSH
Version: 8.1p1
Hardware: Other
OS: Linux
Status: NEW
Severity: enhancement
Priority: P5
Component: Miscellaneous
Assignee: unassigned-bugs at mindrot.org
Reporter: sergio+it at outerface.net
Please add support for Ed448 keys.
--
You are receiving this mail because:
You are watching the assignee of the bug.
https://bugzilla.mindrot.org/show_bug.cgi?id=3087
Damien Miller <djm at mindrot.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|NEW |RESOLVED
CC| |djm at mindrot.org
Resolution|--- |WONTFIX
--- Comment #1 from Damien Miller <djm at mindrot.org> ---
Sorry, we don't see any need for ed448. There's nothing wrong with the
algorithm per se, but there doesn't seem to be much point for it. Being
able to break ed25519 seems to require either a fundamental
cryptanalytic result against elliptic curve cryptography or quantum
computation.
In either case, the attack that allows ed25519 to be broken is likely
to apply equally to ed448. I.e. if one falls, then the other is almost
certainly going to as well.
--
You are receiving this mail because:
You are watching someone on the CC list of the bug.
You are watching the assignee of the bug.
https://bugzilla.mindrot.org/show_bug.cgi?id=3087 --- Comment #2 from sergio <sergio+it at outerface.net> --- Quite an odd decision. ed448 differs from ed25519 same as rsa4096 from rsa8192. It's not about quantum computation resistance but about a key length. Moreover ed448 is included into multiple RFCs and supported in openssl for example. -- You are receiving this mail because: You are watching the assignee of the bug. You are watching someone on the CC list of the bug.
https://bugzilla.mindrot.org/show_bug.cgi?id=3087
sergio <sergio+it at outerface.net> changed:
What |Removed |Added
----------------------------------------------------------------------------
Resolution|WONTFIX |---
Status|RESOLVED |REOPENED
--- Comment #3 from sergio <sergio+it at outerface.net> ---
I believe this decision should be reviewed.
--
You are receiving this mail because:
You are watching the assignee of the bug.
You are watching someone on the CC list of the bug.
https://bugzilla.mindrot.org/show_bug.cgi?id=3087 --- Comment #4 from sergio <sergio+it at outerface.net> --- openssl supports Ed448 gnupg will support Ed448: https://dev.gnupg.org/D505 erlang ssh supports Ed448: https://erlang.org/doc/man/SSH_app.html -- You are receiving this mail because: You are watching the assignee of the bug. You are watching someone on the CC list of the bug.
https://bugzilla.mindrot.org/show_bug.cgi?id=3087
complain at posteo.net changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |complain at posteo.net
--- Comment #5 from complain at posteo.net ---
For completeness it should be noted that since this bug was closed,
ssh-ed448 was formalized in RFC 8709:
https://tools.ietf.org/rfc/rfc8709.txt
--
You are receiving this mail because:
You are watching the assignee of the bug.
You are watching someone on the CC list of the bug.
https://bugzilla.mindrot.org/show_bug.cgi?id=3087
Christian Kujau <mindrot at nerdbynature.de> changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |mindrot at nerdbynature.de
--- Comment #6 from Christian Kujau <mindrot at nerdbynature.de> ---
Adding more and more software that supports Ed448 may look a bit
spammy, but I cannot resist doing exactly that:
Putty supports Ed448 keys since v0.75 (released 2021-05-08)
https://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/ed448.html
Thanks for re-considering :-)
--
You are receiving this mail because:
You are watching someone on the CC list of the bug.
You are watching the assignee of the bug.
https://bugzilla.mindrot.org/show_bug.cgi?id=3087
git at nwex.de changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |git at nwex.de
--
You are receiving this mail because:
You are watching someone on the CC list of the bug.
You are watching the assignee of the bug.
https://bugzilla.mindrot.org/show_bug.cgi?id=3087
Celeste Liu <CoelacanthusHex at gmail.com> changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |CoelacanthusHex at gmail.com
--
You are receiving this mail because:
You are watching the assignee of the bug.
You are watching someone on the CC list of the bug.
https://bugzilla.mindrot.org/show_bug.cgi?id=3087
Damien Miller <djm at mindrot.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|REOPENED |RESOLVED
Resolution|--- |WONTFIX
--
You are receiving this mail because:
You are watching the assignee of the bug.
You are watching someone on the CC list of the bug.
https://bugzilla.mindrot.org/show_bug.cgi?id=3087 --- Comment #7 from Damien Miller <djm at mindrot.org> --- We'll be happy to reconsider this if/when there are published cryptanalytic results against ed25519. -- You are receiving this mail because: You are watching the assignee of the bug. You are watching someone on the CC list of the bug.