DaemonForums  

Go Back   DaemonForums > OpenBSD > OpenBSD Security
Reload this Page OpenSSH Post Quantum KEM
FAQ Search Today's Posts Mark Forums Read

OpenBSD Security Functionally paranoid!

Reply
 
Thread Tools Display Modes
  #1   (View Single Post)  
Old 1 Week Ago
Andy8025 Andy8025 is offline
New User
  
Join Date: Apr 2025
Posts: 3
Default OpenSSH Post Quantum KEM
In the release notes for OpenBSD 7.7 https://www.openbsd.org/77.html one item stood out to me:

OpenSSH 10.0
ssh(1): the hybrid post-quantum algorithm mlkem768x25519-sha256 is now used by default for key agreement.

Does anyone know why the OpenSSH devs chose the NIST/NSA recommended algorithm ML-KEM-768 (aka Kyber-768)? And not even its strongest version? Signal, for example, uses Kyber-1024. Why didn't they chose McEliece, as recommended by cryptographers like Dan Bernstein.

I checked the mailing list at https://marc.info/?l=openssh-unix-dev&r=1&w=2 but did not see any discussion there on this subject.
Reply With Quote
  #2   (View Single Post)  
Old 1 Week Ago
jmccue jmccue is offline
Real Name: John McCue
Package Pilot
  
Join Date: Aug 2012
Location: here
Posts: 203
Default
To me with openssh, I try and keep the defaults because when it comes to encryption, it all goes over my head

But I would think "post-quantum" is the reason, maybe that means it could inhibit a future quantum computer from breaking the key.
__________________
[t]csh(1) - "An elegant shell, for a more... civilized age."
- Paraphrasing Star Wars (tvtropes.org)
Reply With Quote
  #3   (View Single Post)  
Old 1 Week Ago
jggimi's Avatar
jggimi jggimi is offline
More noise than signal
  
Join Date: May 2008
Location: USA
Posts: 8,116
Default
Looking through the commit history, I can see that the decision to make this particular key exchange the default occurred on October 25 of last year. You could ask these developers directly about the decision.

https://cvsweb.openbsd.org/src/usr.bin/ssh/myproposal.h

https://cvsweb.openbsd.org/src/usr.bin/ssh/ssh_config.5
Reply With Quote
Reply

« Previous Thread | Next Thread »
Thread Tools
Display Modes
Linear Mode Linear Mode

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
Post-quantum crypto cracked in an hour with one core of an ancient Xeon J65nko News 1 4th August 2022 12:29 PM
firefox quantum leaks buildId Scripter General software and network 0 4th May 2018 01:03 PM
Quantum Information and quBits shep News 1 15th October 2012 02:13 PM
7 atom quantum dot transistor roddierod News 0 24th May 2010 02:15 PM
will quantum computers your replace your desktop PC within your lifetime? ephemera General Hardware 22 20th October 2008 03:29 AM


All times are GMT. The time now is 05:04 PM.

DaemonForums.org RSS Feeds - Contact Us - DaemonForums.org - Archive - Privacy Statement - Top

Powered by vBulletin® Version 3.8.4
Copyright ©2000 - 2025, Jelsoft Enterprises Ltd.
Content copyright © 2007-2010, the authors
Daemon image copyright ©1988, Marshall Kirk McKusick