search for: dss_signature_blob

https://bugzilla.mindrot.org/show_bug.cgi?id=2115 Bug ID: 2115 Summary: Support for DSA p=2048 q=256/224 bit keys Product: Portable OpenSSH Version: 6.1p1 Hardware: All OS: All Status: NEW Severity: enhancement Priority: P5 Component: ssh-keygen Assignee: unassigned-bugs at

https://bugzilla.mindrot.org/show_bug.cgi?id=2115 Bug ID: 2115 Summary: Support for DSA p=2048 q=256/224 bit keys Product: Portable OpenSSH Version: 6.1p1 Hardware: All OS: All Status: NEW Severity: enhancement Priority: P5 Component: ssh-keygen Assignee: unassigned-bugs at

...t would seem that the L=2048,N=256 L=3072,N=256 selections are now > possible while remaining standards compliant. SHA-1 is not allowed in digital signatures per NIST SP 800-131A after December 31, 2013. The problem is in the way that ssh-dss is specified in RFC 4253 to use a SHA-1 hash in the dss_signature_blob. The same problems exist for x509v3-ssh-dss which also specifies the use of SHA-1. In order to use a DSA-2048 or DSA-3072 with SHA-256 or SHA-512, one would likely need to move to the pgp-sign-dss public key algorithm of RFC2440 as obsoleted by RFC 4880 section 13.6 which allows for L=1024, N=1...

https://bugzilla.mindrot.org/show_bug.cgi?id=1647 mackyle at gmail.com changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |mackyle at gmail.com --- Comment #2 from mackyle at gmail.com --- RFC 6668 [1] (2012-07) updated RFC 4253 adding the SHA-256 data

https://bugzilla.mindrot.org/show_bug.cgi?id=1647 mackyle at gmail.com changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |mackyle at gmail.com --- Comment #2 from mackyle at gmail.com --- RFC 6668 [1] (2012-07) updated RFC 4253 adding the SHA-256 data