search for: sp800

Displaying 17 results from an estimated 17 matches for "sp800".

2010 Feb 15
1
FIPS186-3 and NIST SP800-57 support
Hello, I saw from OpenSSH man pages that the DSA key length must be 1024 bytes (according to the standard FIPS 186-2). According to the FIPS186-3 and NIST SP800-57, DSA key length could be greater than 1024 bytes (2048, 3072). Will OpenSSH be compliant with this new standard? If yes, could you share with me the delivery plan of OpenSSH version implementing FIPS186-3/NIST SP800-57 standard? Thanks in advance. Best Regards GERARDO P...
2015 May 27
4
[Bug 2302] with DH-GEX, ssh (and sshd) should not fall back to unconfigured DH groups or at least document this behaviour and use a stronger group
...Kahn Gillmor wrote: > On Tue 2015-05-26 15:39:49 -0400, Mark D. Baushke wrote: > > Hi Folks, > > > > The generator value of 5 does not lead to a q-ordered subgroup which > > is needed to pass tests in > > > > http://csrc.nist.gov/publications/nistpubs/800-56A/SP800-56A_Revision1_Mar08-2007.pdf > > I pulled revision 2 of this document from here: > > https://dx.doi.org/10.6028/nist.sp.800-56ar2 > > The "FFC Domain Parameter Generation" section does say: > > g is a generator of the cyclic subgroup of GF(p)* of order q, &...
2005 Jan 08
0
FYI: NIST issues recommendations for secure VOIP
Following is shamelessly copied from one of the newsgroups I read on grc.com.. /Soren NIST issues recommendations for secure VOIP http://www.gcn.com/vol1_no1/daily-updates/34747-1.html http://csrc.nist.gov/publications/nistpubs/800-58/SP800-58-final.pdf *********************************************************** Quote *********************************************************** The National Institute of Standards and Technology has offered some cautionary advice for offices considering moving their telephone systems to voice over IP....
2013 Oct 03
1
ssh-keygen DSA keys longer than 1024 bit
...eys must be 1024 bits"); Commenting these two lines allows the generation of, say, 2048 bit DSA keys that work just fine with sshd. The only reason that I could previously find is that 1024 is imposed by FIPS 186-2, but the current FIPS 186-3 allows for larger DSA keys. In light of the NIST SP800-131A guide that recommends 2048 as a minimum for DSA key length, can anyone please explain to me why the limitation still exists in current openssh (6.3p1)? Is there a legal constraint? Thank you, -- Silviu
2015 May 26
1
[Bug 2302] with DH-GEX, ssh (and sshd) should not fall back to unconfigured DH groups or at least document this behaviour and use a stronger group
https://bugzilla.mindrot.org/show_bug.cgi?id=2302 --- Comment #4 from Damien Miller <djm at mindrot.org> --- Comment on attachment 2630 --> https://bugzilla.mindrot.org/attachment.cgi?id=2630 Make the DH-GEX fallback group 4k bit. Where did this group come from? IMO it would be best to use one of the standard groups if we're picking another fixed one - logjam attacks aren't
2013 May 15
2
Support for "ssh-rsa-sha256" and "ssh-dss-sha256" ?
Functionality request for supporting Digital Signatures for RSA and DSS Public Key Algorithms in alignment with NIST SP800-131A. I assume this has been asked before, but I could not find in the archives. Support of "ssh-rsa-sha256" and "ssh-dss-sha256" public key algorithms for OpenSSH? I know Suite B Algorithms and x509 SSH Extension Algorithms are supported, but not a path some folks (us) want...
2015 Jul 24
2
DH_GRP_MIN is currently 1024, should it be bumped to 2048?
Greetings, Given the weakness with Diffie-Hellman modp groups less than 2048, is it time to bump the suggested 1024 bit minimum value from the RFC 4419 to a more current 2048 value for OpenSSH 7.0? If so, should this be just a compile-time change, or should there be a new client and server runtime option? Thanks, -- Mark
2013 May 15
0
Support for "ssh-rsa-sha256" and "ssh-dss-sha256" ?
Functionality request for supporting Digital Signatures for RSA and DSS Public Key Algorithms in alignment with NIST SP800-131A. I assume this has been asked before, but I could not find in the archives. Support of "ssh-rsa-sha256" and "ssh-dss-sha256" public key algorithms for OpenSSH? I know Suite B Algorithms and x509 SSH Extension Algorithms are supported, but not a path some folks (us) w...
2009 Jan 20
1
OpenSSH private key encryption: time for AES?
...RSA keypair with something like AES-128, AES-256, or Twofish instead of 3DES and still use it with OpenSSH? Can ssh-add read (unencrypted) key data from stdin? ____________________ [1] http://csrc.nist.gov/groups/ST/toolkit/key_management.html [2] http://csrc.nist.gov/groups/ST/toolkit/documents/SP800-57Part1_3-8-07.pdf -- jim knoble | jmknoble at pobox.com | http://www.pobox.com/~jmknoble/ (GnuPG key ID: C6F31FFA >>>>>> http://www.pobox.com/~jmknoble/keys/ ) (GnuPG fingerprint: 99D8:1D89:8C66:08B5:5C34::5527:A543:8C33:C6F3:1FFA) +---------------------------------------...
2019 Aug 17
2
Samba related question??
Somewhat Samba related, I ask this question (that might be over the line and into Windows territory) but, here I go . . . Of those users on this mailing list that manage Samba installs for various clients/customers, what are your most used GPO policies you have put into place for AD management? I ask because, when you venture over into Windows world and start reading posted articles about their
2013 Jun 03
7
[Bug 2115] New: Support for DSA p=2048 q=256/224 bit keys
...bit (20-byte). Whereas openssl starting from 1.0.0 creates DSA 2048 bit keys with q=256(SHA2) incompatible with openssh which validates against q=160(SHA1 hash). Using openssl version 0.9.8 or less solves the issue since it generates DSA 2048 keys with q=160, but there is no security benefit since SP800-57 rates DSA=2048/160 as 80 bit strength which is less than the nom 112 bits. For more info: http://openssl.6102.n7.nabble.com/openssl-1-0-1e-bad-sig-size-32-32-for-DSA-2048-keys-tc45189.html#a45246 -- You are receiving this mail because: You are watching the assignee of the bug.
2015 May 21
8
Weak DH primes and openssh
Hi, You will be aware of https://weakdh.org/ by now, I presume; the take-home seems to be that 1024-bit DH primes might well be too weak. I'm wondering what (if anything!) you propose to do about this issue, and what Debian might do for our users? openssh already prefers ECDH, which must reduce the impact somewhat, although the main Windows client (PuTTY) doesn't support ECDH yet. But
2008 Feb 01
7
General questions about security
Hi, I admit I never gave security that much thought, that is, except the most basic security rules like choosing good passwords, or reasonable file and directory permissions. But now I have to change that, since I'll soon have to set up a dedicated production server for our public libraries. I wonder where to begin. I would say first thing is get a series of "auditing" tools
2009 Jan 22
8
[Bug 1550] New: Move from 3DES to AES-256 for private key encryption
...RSA keypair with something like AES-128, AES-256, or Twofish instead of 3DES and still use it with OpenSSH? Can ssh-add read (unencrypted) key data from stdin? ____________________ [1] http://csrc.nist.gov/groups/ST/toolkit/key_management.html [2] http://csrc.nist.gov/groups/ST/toolkit/documents/SP800-57Part1_3-8-07.pdf -- Configure bugmail: https://bugzilla.mindrot.org/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are watching the assignee of the bug.
2014 Oct 28
22
[Bug 2302] New: ssh (and sshd) should not fall back to deselected KEX algos
https://bugzilla.mindrot.org/show_bug.cgi?id=2302 Bug ID: 2302 Summary: ssh (and sshd) should not fall back to deselected KEX algos Product: Portable OpenSSH Version: 6.7p1 Hardware: All OS: All Status: NEW Severity: security Priority: P5 Component: ssh