Hello,

I saw from OpenSSH man pages that the DSA key length must be 1024 bytes (according to the standard FIPS 186-2).

According to the FIPS186-3 and NIST SP800-57, DSA key length could be greater than 1024 bytes (2048, 3072).

Will OpenSSH be compliant with this new standard? If yes, could you share with me the delivery plan of the OpenSSH version implementing the FIPS186-3/NIST SP800-57 standard?

Thanks in advance.

Best Regards
GERARDO PETTI
Software Engineer, AXE IO Area
Ericsson Italy TEI/XSD
via Madonna di Fatima, 2
Pagani, Italy
gerardo.petti at ericsson.com
www.ericsson.com

This Communication is Confidential. We only send and receive email on the basis of the terms set out at www.ericsson.com/email_disclaimer
Gerardo Petti wrote:
> I saw from OpenSSH man pages that the DSA key length must be 1024 bytes
> (according to the standard FIPS 186-2).
>
> According to the FIPS186-3 and NIST SP800-57, DSA key length could be
> greater than 1024 bytes (2048, 3072).

FIPS 186-3 also specifies hashes other than SHA-1 for key lengths >1024.

> Will OpenSSH be compliant with this new standard?

As far as DSA key length goes I think it's already compliant with FIPS 186-3 as far as is possible within the SSH protocol spec. See https://bugzilla.mindrot.org/show_bug.cgi?id=1647 for details.

If you want keys stronger than 1024 bits then use RSA.

-- 
Darren Tucker (dtucker at zip.com.au)
GPG key 8FF4FA69 / D9A3 86E9 7EEE AF4B B2D4 37C9 C982 80C7 8FF4 FA69
Good judgement comes with experience. Unfortunately, the experience usually comes from bad judgement.
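The practical follow-up to this exchange is checking what key types and sizes are actually accepted on a host. The script below is an added example, not code from either message or from OpenSSH: it parses the base64 blob of `ssh-dss` and `ssh-rsa` public keys in OpenSSH's wire format (RFC 4253 `string` and `mpint` fields), reports the bit length of the DSA prime `p` or the RSA modulus `n`, and flags every DSA key as weak, since the SSH protocol fixes `ssh-dss` at 1024 bits with SHA-1, exactly the limit the thread discusses. The sample key lines are constructed from integers of the right bit length and are not real key material; the 2048-bit minimum is an assumed policy threshold.

```python
"""Audit OpenSSH public key lines (authorized_keys / *.pub) for type and size."""
import base64
import struct

KEY_TYPES = ("ssh-dss", "ssh-rsa")


def _read_string(blob, off):
    """Read one RFC 4253 'string' (uint32 length + bytes); return (bytes, new offset)."""
    (n,) = struct.unpack(">I", blob[off:off + 4])
    off += 4
    return blob[off:off + n], off + n


def parse_pubkey(line):
    """Return (key type, size in bits) for one OpenSSH public key line.

    Size is the bit length of p for ssh-dss and of n for ssh-rsa, which is
    what ssh-keygen -l reports as the key length.
    """
    fields = line.split()
    # authorized_keys may carry an options field first; locate the key type.
    idx = next((i for i, f in enumerate(fields) if f in KEY_TYPES), None)
    if idx is None or idx + 1 >= len(fields):
        raise ValueError("no recognised key type on line")
    blob = base64.b64decode(fields[idx + 1])
    ktype, off = _read_string(blob, 0)
    ktype = ktype.decode()
    if ktype != fields[idx]:
        raise ValueError("blob type does not match text type")
    if ktype == "ssh-dss":
        p, off = _read_string(blob, off)        # mpint p comes first; q, g, y follow
        bits = int.from_bytes(p, "big").bit_length()
    else:
        _e, off = _read_string(blob, off)       # mpint e
        n, off = _read_string(blob, off)        # mpint n
        bits = int.from_bytes(n, "big").bit_length()
    return ktype, bits


def audit(lines, min_bits=2048):
    """Return a list of (type, bits, verdict) tuples, one per key line."""
    results = []
    for line in lines:
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        ktype, bits = parse_pubkey(line)
        if ktype == "ssh-dss":
            verdict = "weak: ssh-dss is fixed at 1024 bits with SHA-1; use RSA"
        elif bits < min_bits:
            verdict = f"weak: {bits} bits is below the {min_bits}-bit minimum"
        else:
            verdict = "ok"
        results.append((ktype, bits, verdict))
    return results


# --- helpers to build constructed sample keys for offline testing -----------
def _mpint(n):
    raw = n.to_bytes((n.bit_length() + 7) // 8, "big")
    if raw[0] & 0x80:                           # keep the mpint non-negative
        raw = b"\x00" + raw
    return struct.pack(">I", len(raw)) + raw


def _string(b):
    return struct.pack(">I", len(b)) + b


def make_pubkey_line(ktype, *ints, comment="constructed"):
    blob = _string(ktype.encode()) + b"".join(_mpint(i) for i in ints)
    return f"{ktype} {base64.b64encode(blob).decode()} {comment}"


# Constructed sample lines: the integers are NOT real keys, only numbers of
# the right bit length so the parser has something to measure.
SAMPLE_KEYS = [
    make_pubkey_line("ssh-dss", 2**1023 + 1, 2**159 + 1, 2, 3, comment="dsa1024-constructed"),
    make_pubkey_line("ssh-rsa", 65537, 2**2047 + 1, comment="rsa2048-constructed"),
    make_pubkey_line("ssh-rsa", 65537, 2**1023 + 1, comment="rsa1024-constructed"),
]

if __name__ == "__main__":
    for ktype, bits, verdict in audit(SAMPLE_KEYS):
        print(f"{ktype:8} {bits:5d}  {verdict}")
```

To run it against a real file, replace `SAMPLE_KEYS` with `open("~/.ssh/authorized_keys").readlines()` (path assumed). Newer key types such as `ecdsa-sha2-*` and `ssh-ed25519` are outside this thread's scope and are deliberately not parsed; extend `KEY_TYPES` and the branch in `parse_pubkey` if you need them.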