search for: 131a

Displaying 12 results from an estimated 12 matches for "131a".

Did you mean: 131
2013 May 23
1
Support for "ssh-rsa-sha256" and "ssh-dss-sha256" ?
I completely support this request. ?My organization is interested in supporting these public key algorithms to comply with NIST SP 800-131A too. Jeff, it is my understanding that through RFC4419, OpenSSH can be support the Key Agreement Using Diffie-Hellman and MQV guidelines in SP 800-131A using the "diffie-hellman-group-exchange-sha256" method. ?Is that correct? Thanks.
2015 Jul 24
2
DH_GRP_MIN is currently 1024, should it be bumped to 2048?
Greetings, Given the weakness with Diffie-Hellman modp groups less than 2048, is it time to bump the suggested 1024 bit minimum value from the RFC 4419 to a more current 2048 value for OpenSSH 7.0? If so, should this be just a compile-time change, or should there be a new client and server runtime option? Thanks, -- Mark
2013 May 28
9
[Bug 2109] New: Add support for ssh-rsa-sha256 and ssh-dsa-sha256 public key algorithms
...Hardware: All OS: FreeBSD Status: NEW Severity: enhancement Priority: P5 Component: sshd Assignee: unassigned-bugs at mindrot.org Reporter: Geoff_Lowe at McAfee.com Based on guidelines in NIST Special Publication 800-131A, "Transitions: Recommendation for Transitioning the Use of Cryptographic Algorithms and Key Lengths" dated January 2011, the US Governement is pushing for stronger crypto in a number of different areas (encryption, digital signatures, random number generation, key agreement using diffie-h...
2013 Oct 03
1
ssh-keygen DSA keys longer than 1024 bit
...st be 1024 bits"); Commenting these two lines allows the generation of, say, 2048 bit DSA keys that work just fine with sshd. The only reason that I could previously find is that 1024 is imposed by FIPS 186-2, but the current FIPS 186-3 allows for larger DSA keys. In light of the NIST SP800-131A guide that recommends 2048 as a minimum for DSA key length, can anyone please explain me why the limitation still exists in current openssh (6.3p1)? Is there a legal constraint? Thank you, -- Silviu
2013 Sep 10
0
[Bug 1647] Implement FIPS 186-3 for DSA keys
...6-3: > > L = 1024, N = 160 > L = 2048, N = 224 > L = 2048, N = 256 > L = 3072, N = 256 > > And it would seem that the L=2048,N=256 L=3072,N=256 selections are now > possible while remaining standards compliant. SHA-1 is not allowed in digital signatures per NIST SP 800-131A after December 31, 2013. The problem is in the way that ssh-dss is specified in RFC 4253 to use a SHA-1 hash in the dss_signature_blob. The same problems exist for x509v3-ssh-dss which also specifies the use of SHA-1. In order to use a DSA-2048 or DSA-3072 with SHA-256 or SHA-512, one would like...
2013 May 15
2
Support for "ssh-rsa-sha256" and "ssh-dss-sha256" ?‏
Functionality request for supporting Digital Signatures for RSA and DSS Public Key Algorithms in alignment with NIST SP800-131A. I assume this has been asked before, but I could not find in the archives. Support of "ssh-rsa-sha256" and "ssh-dss-sha256" public key algorithms for OpenSSH? I know Suite B Algorithms and x509 SSH Extension Algorithms are supported, but not a path some folks (us) want to t...
2013 Sep 10
4
[Bug 1647] Implement FIPS 186-3 for DSA keys
https://bugzilla.mindrot.org/show_bug.cgi?id=1647 mackyle at gmail.com changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |mackyle at gmail.com --- Comment #2 from mackyle at gmail.com --- RFC 6668 [1] (2012-07) updated RFC 4253 adding the SHA-256 data
2013 Sep 10
4
[Bug 1647] Implement FIPS 186-3 for DSA keys
https://bugzilla.mindrot.org/show_bug.cgi?id=1647 mackyle at gmail.com changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |mackyle at gmail.com --- Comment #2 from mackyle at gmail.com --- RFC 6668 [1] (2012-07) updated RFC 4253 adding the SHA-256 data
2013 May 15
0
Support for "ssh-rsa-sha256" and "ssh-dss-sha256" ?
Functionality request for supporting Digital Signatures for RSA and DSS Public Key Algorithms in alignment with NIST SP800-131A. I assume this has been asked before, but I could not find in the archives. Support of "ssh-rsa-sha256" and "ssh-dss-sha256" public key algorithms for OpenSSH? I know Suite B Algorithms and x509 SSH Extension Algorithms are supported, but not a path some folks (us) want t...
2013 Jun 03
7
[Bug 2115] New: Support for DSA p=2048 q=256/224 bit keys
https://bugzilla.mindrot.org/show_bug.cgi?id=2115 Bug ID: 2115 Summary: Support for DSA p=2048 q=256/224 bit keys Product: Portable OpenSSH Version: 6.1p1 Hardware: All OS: All Status: NEW Severity: enhancement Priority: P5 Component: ssh-keygen Assignee: unassigned-bugs at
2013 Jun 03
7
[Bug 2115] New: Support for DSA p=2048 q=256/224 bit keys
https://bugzilla.mindrot.org/show_bug.cgi?id=2115 Bug ID: 2115 Summary: Support for DSA p=2048 q=256/224 bit keys Product: Portable OpenSSH Version: 6.1p1 Hardware: All OS: All Status: NEW Severity: enhancement Priority: P5 Component: ssh-keygen Assignee: unassigned-bugs at
2019 Apr 11
4
Understanding Problem with rsa min key length 1024
Hello, Sometime ago min rsa key length was increased to 1024 bit and i have a little understanding problem with this. I hope somebody with some crypto-experience can enlighten me. To make that clear, that is not about allowing lower keys in general. Personally i would tend to use even longer keys(2048bit+). However Due nature of RSA-algorithm in case of 1024bit this might result in a key