[lugm.org] OpenSSH New key format: ED25519
Loganaden Velvindron
gnukid1 at yahoo.co.uk
Sun Dec 8 05:31:35 UTC 2013
Hardware Number generators can be weakens or flawed:
A canadian security researcher posted this:
https://pbs.twimg.com/media/Baz4zDGCMAElVBi.png:large
We can no longer trust the hardware RNG as the sole source of randomization.
ED25519 doesn't depend on possibly flawed hardware RNG for generating SSH keys.
We strongly believe that it's another reason to migrate key generation to ED25519 !
Kind regards,
//Logan
C-x-C-c
On Saturday, 7 December 2013, 15:14, Loganaden Velvindron <gnukid1 at yahoo.co.uk> wrote:
We've just added the missing piece to get ED25519 working for the upcoming OpenSSH 6.5 release:
CVSROOT: /var/cvs
Module name: openssh
Changes by: djm at fuyu.mindrot.org 13/12/07 21:43:47
Modified files:
. : ChangeLog Makefile.in
Log message:
- (djm) [Makefile.in] PATHSUBS and keygen bits for Ed25519; from
Loganaden Velvindron @ AfriNIC in bz#2179
What's does this Key offer ? The design is better as it doesn't depend on any source of predictable
number generator(s), unlike ECDSA/DSA.
ED25519 design has not been influenced by the NSA or NIST.
We strongly urge OpenSSH users to consider switching to the new key when OpenSSH 6.5 will be released.
Kind regards,
//Logan
C-x-C-c
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://discuss.lugm.org/pipermail/discuss_discuss.lugm.org/attachments/20131208/96cf807b/attachment.html>
More information about the Discuss
mailing list