https://bugzilla.mindrot.org/show_bug.cgi?id=3472
Bug ID: 3472
Summary: Consider discontinuing support for
sntrup761x25519-sha512@openssh.com
Product: Portable OpenSSH
Version: v9.0p1
Hardware: Other
OS: Linux
Status: NEW
Severity: enhancement
Priority: P5
Component: Build system
Assignee: unassigned-bugs@mindrot.org
Reporter: ricky.tigg@gmail.com
Hello. Post-quantum cryptographic primitives
sntrup761x25519-sha512@openssh.com and chacha20-poly1305@openssh.com
were introduced in OpenSSH respectively in v. 8.5, as default in v.
9.0, and v. 6.5, promoted default cipher in v. 6.9. I mistaken by
conceiving that the project has for policy to solely accept to
integrate algorithm implementations which have been standardised either
by a recognised national or internal standards entity. At this very
time, it seems there is no such standard for NTRU. It's worth noting
that NIST recently decided not to select NTRU for standardisation. It
instead selected CRYSTALS-Kyber in this respect. What could have
happened for it to be integrated in this project, when apparently
nothing intended it for this destiny? Has it ever occurred to any of
you developers that a such integration might be inappropriate? It's
surprising to say the least.
(*)
https://nvlpubs.nist.gov/nistpubs/ir/2022/NIST.IR.8413.pdf#page=47&zoom=100,120,546
--
You are receiving this mail because:
You are watching the assignee of the bug.
_______________________________________________
openssh-bugs mailing list
openssh-bugs@mindrot.org
https://lists.mindrot.org/mailman/listinfo/openssh-bugs
Bug ID: 3472
Summary: Consider discontinuing support for
sntrup761x25519-sha512@openssh.com
Product: Portable OpenSSH
Version: v9.0p1
Hardware: Other
OS: Linux
Status: NEW
Severity: enhancement
Priority: P5
Component: Build system
Assignee: unassigned-bugs@mindrot.org
Reporter: ricky.tigg@gmail.com
Hello. Post-quantum cryptographic primitives
sntrup761x25519-sha512@openssh.com and chacha20-poly1305@openssh.com
were introduced in OpenSSH respectively in v. 8.5, as default in v.
9.0, and v. 6.5, promoted default cipher in v. 6.9. I mistaken by
conceiving that the project has for policy to solely accept to
integrate algorithm implementations which have been standardised either
by a recognised national or internal standards entity. At this very
time, it seems there is no such standard for NTRU. It's worth noting
that NIST recently decided not to select NTRU for standardisation. It
instead selected CRYSTALS-Kyber in this respect. What could have
happened for it to be integrated in this project, when apparently
nothing intended it for this destiny? Has it ever occurred to any of
you developers that a such integration might be inappropriate? It's
surprising to say the least.
(*)
https://nvlpubs.nist.gov/nistpubs/ir/2022/NIST.IR.8413.pdf#page=47&zoom=100,120,546
--
You are receiving this mail because:
You are watching the assignee of the bug.
_______________________________________________
openssh-bugs mailing list
openssh-bugs@mindrot.org
https://lists.mindrot.org/mailman/listinfo/openssh-bugs