x/crypto/ssh: Support sha-2 family hash algorithms for key exchange (RFC 8268) #31731

breml · 2019-04-28T19:54:56Z

Feature Request: Add support for sha-2 family hash algorithms for key exchange (RFC 8268)

Due to concerns with SHA-1 and with MODP groups with less than 2048 bits, RFC 8268 suggests to add 5 new key exchange algorithms:

diffie-hellman-group14-sha256
diffie-hellman-group15-sha512
diffie-hellman-group16-sha512
diffie-hellman-group17-sha512
diffie-hellman-group18-sha512

Currently, non of these new key exchange algorithms is present in x/crypto/ssh. For diffie-hellman-group14-sha256 the RFC states it SHOULD be supported to smooth the transition to newer group sizes.

The text was updated successfully, but these errors were encountered:

hanwen · 2019-04-30T10:46:58Z

But why? There are a number of more modern kexes based on elliptic curves, which are faster to process and (AFAIK) as secure.

bcmills · 2019-05-22T18:02:51Z

CC @hanwen @FiloSottile

gopherbot added this to the Unreleased milestone Apr 28, 2019

bcmills added FeatureRequest NeedsInvestigation labels May 22, 2019

golang / go

x/crypto/ssh: Support sha-2 family hash algorithms for key exchange (RFC 8268) #31731

x/crypto/ssh: Support sha-2 family hash algorithms for key exchange (RFC 8268) #31731

breml commented Apr 28, 2019

hanwen commented Apr 30, 2019

bcmills commented May 22, 2019

golang / go

x/crypto/ssh: Support sha-2 family hash algorithms for key exchange (RFC 8268) #31731

x/crypto/ssh: Support sha-2 family hash algorithms for key exchange (RFC 8268) #31731

Comments

breml commented Apr 28, 2019

Feature Request: Add support for sha-2 family hash algorithms for key exchange (RFC 8268)

hanwen commented Apr 30, 2019

bcmills commented May 22, 2019