search for: kex_c25519_genkey

...+ rnd >>= 8; > + } > > easier to use arc4random_buf() here. If we use the -donna implementation > then we need to do the > > client_key[0] &= 248; > client_key[31] &= 127; > client_key[31] |= 64; > > ourselves. It might be better to have put a kex_c25519_genkey() in > kexc25519.c that does it all and use it in both the client and server. > > -d >

Dear OpenSSH developers, I've worked this week on an alternative key exchange mechanism, in reaction to the whole NSA leaks and claims over cryptographic backdoors and/or cracking advances. The key exchange is in my opinion the most critical defense against passive eavesdropping attacks. I believe Curve25519 from DJB can give users a secure alternative to classical Diffie-Hellman (with fixed