http://bugzilla.mindrot.org/show_bug.cgi?id=1023
Summary: Add support for dhgex-sha512
Product: Portable OpenSSH
Version: -current
Platform: All
OS/Version: OpenBSD
Status: NEW
Severity: enhancement
Priority: P2
Component: sshd
AssignedTo: openssh-bugs@mindrot.org
ReportedBy: djm@mindrot.org
This is a patch to add support for diffie-hellman-group-exchange-sha512, a
variant of diffie-hellman-group-exchange-sha1 that computes the exchange hash
and the key derivation PRF with SHA512 instead of SHA1.
This removes the (largely acedemic) 160-bit bottleneck that prevented ciphers
with longer keys from being fully utilised.
Note that this patch requires a modified OpenSSL to build (set evp.h's
EVP_MAX_MD_SIZE to 64 and rebuild - NB this breaks bincompat). It could be
cajoled into working with OpenSSL CVS HEAD with some minor changes.
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
Summary: Add support for dhgex-sha512
Product: Portable OpenSSH
Version: -current
Platform: All
OS/Version: OpenBSD
Status: NEW
Severity: enhancement
Priority: P2
Component: sshd
AssignedTo: openssh-bugs@mindrot.org
ReportedBy: djm@mindrot.org
This is a patch to add support for diffie-hellman-group-exchange-sha512, a
variant of diffie-hellman-group-exchange-sha1 that computes the exchange hash
and the key derivation PRF with SHA512 instead of SHA1.
This removes the (largely acedemic) 160-bit bottleneck that prevented ciphers
with longer keys from being fully utilised.
Note that this patch requires a modified OpenSSL to build (set evp.h's
EVP_MAX_MD_SIZE to 64 and rebuild - NB this breaks bincompat). It could be
cajoled into working with OpenSSL CVS HEAD with some minor changes.
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.