Mathias Brossard
2017-Dec-21 00:42 UTC
[PATCH] Enabling ECDSA in PKCS#11 support for ssh-agent
Hi, Two years ago I submitted a patch ( https://bugzilla.mindrot.org/show_bug.cgi?id=2474) to enable ECDSA in PKCS#11 support for ssh-agent. During this time: - The value of 2FA has become increasingly visible, and is sometimes even mandated by regulations. 2FA tokens that can store asymmetric keys are more readily available. - The ROCA vulnerability impacting millions of smartcards for RSA key generation. Cryptographic algorithm agility is a good thing, and can help to work-around those kind of issues. - Many people, in the ticket, the mailing-list or privately to me, have showed an interest in the patch, several of them expressing a desire to help. I got test results, bug reports, improvements requests and patches. ECDSA is not perfect but in the context of SSH with secure elements, the signature is faster and smaller than RSA at similar security levels. Some of my fellow contributors have asked what we can do to help this get merged upstream. Except tracking new releases and possible additional issues encountered in test, I think at this point we can't do a lot more on our own. We would welcome additional feedback, in particular from maintainers. Sincerely, -- Mathias Brossard
Blumenthal, Uri - 0553 - MITLL
2017-Dec-21 01:11 UTC
[PATCH] Enabling ECDSA in PKCS#11 support for ssh-agent
I'm disappointed that the maintainers haven't integrated ECDSA support yet, and urge to do so now. Regards, Uri Sent from my iPhone> On Dec 20, 2017, at 19:48, Mathias Brossard <mathias at brossard.org> wrote: > > Hi, > > Two years ago I submitted a patch ( > https://bugzilla.mindrot.org/show_bug.cgi?id=2474) to enable ECDSA in > PKCS#11 support for ssh-agent. During this time: > - The value of 2FA has become increasingly visible, and is sometimes even > mandated by regulations. 2FA tokens that can store asymmetric keys are more > readily available. > - The ROCA vulnerability impacting millions of smartcards for RSA key > generation. Cryptographic algorithm agility is a good thing, and can help > to work-around those kind of issues. > - Many people, in the ticket, the mailing-list or privately to me, have > showed an interest in the patch, several of them expressing a desire to > help. I got test results, bug reports, improvements requests and patches. > > ECDSA is not perfect but in the context of SSH with secure elements, the > signature is faster and smaller than RSA at similar security levels. Some > of my fellow contributors have asked what we can do to help this get merged > upstream. Except tracking new releases and possible additional issues > encountered in test, I think at this point we can't do a lot more on our > own. We would welcome additional feedback, in particular from maintainers. > > Sincerely, > -- > Mathias Brossard > _______________________________________________ > openssh-unix-dev mailing list > openssh-unix-dev at mindrot.org > https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev-------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/pkcs7-signature Size: 5801 bytes Desc: not available URL: <http://lists.mindrot.org/pipermail/openssh-unix-dev/attachments/20171221/e74d35b4/attachment.p7s>