New key type (ed25519) and private key format

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

 



http://www.openbsd.org/cgi-bin/cvsweb/src/usr.bin/ssh/PROTOCOL.key



> Am 07.12.2013 um 16:00 schrieb Aris Adamantiadis <aris at badcode.be>:
> 
> Le 7/12/13 07:40, Damien Miller a ?crit :
>> Hi,
>> 
>> Ed25519 is not supported in OpenSSL, so we used a public-domain
>> implementation (from SUPERCOP). Unfortunately this means that we could
>> not use the PEM key format that we have used for RSA, DSA and ECDSA keys
>> until now, so Markus made a new one.
>> 
>> The new key format looks a lot like the old one (a blob of base64
>> encoded key material with beginning and end markers), but offers quite
>> a bit more protection to the key from offline attacks against the
>> passphrase. The new format uses a bcrypt-based key derivation function
>> that makes is brute-force attacks against stolen private keys far
>> slower.
> Hi Damien, Markus,
> 
> I do not understand why Ed25519 not being in Openssl couldn't let you
> use the pem-like format described in RFC4716. In fact that would have
> been a good occasion of getting rid of the complex PEM decoder from
> libcrypto and implement your own (with relevant subset of ASN.1
> decoding). Maybe you did not want something as complex as PEM.
> 
> When designing your new format, did you take in consideration some of
> the criticism over the existing PEM format to improve it ? One of the
> functionalities I could see useful would be to embed the public key
> authenticated but not encrypted into the key file. That way, it is
> always possible to determine if a key is useful before asking the
> passphrase to the user (current workaround needs the actual encrypted
> key and a cleartext public key file, which can be confusing). The key
> format of putty could have been a good candidate. Some food for thoughts
> on [1].
> 
> Did you publish some specs already ? I cannot find it yet on openssh.org.
> 
> Regards and good week-end,
> 
> Aris
> 
> [1]
> http://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/key-formats-natively.html
> 
> 
> _______________________________________________
> openssh-unix-dev mailing list
> openssh-unix-dev at mindrot.org
> https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev


[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux