[
https://issues.apache.org/jira/browse/SSHD-1017?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17216781#comment-17216781
]
Matt Sicker commented on SSHD-1017:
-----------------------------------
Yeah, I had similar problems. Can this work with the Poly1305 Mac
implementation in Bouncy Castle? Otherwise, we'll either need to copy the
Poly1305 code (I've written this from scratch before, but it requires
constant-time math to implement securely, not BigInteger math) or add another
dependency for it.
This also makes me wonder if it would be worth proposing an alternative
chacha20 cipher extension that uses the actual chacha RFC rather than the
pre-standardized version.
> Add support for chacha20-poly1...@openssh.com
> ---------------------------------------------
>
> Key: SSHD-1017
> URL: https://issues.apache.org/jira/browse/SSHD-1017
> Project: MINA SSHD
> Issue Type: New Feature
> Reporter: Matt Sicker
> Priority: Major
>
> See [protocol
> details|https://github.com/openbsd/src/blob/master/usr.bin/ssh/PROTOCOL.chacha20poly1305].
> * [RFC 7539|https://tools.ietf.org/html/rfc7539] describes the
> ChaCha20-Poly1305 algorithm.
> * [Dropbear
> implementation|https://github.com/mkj/dropbear/blob/master/chachapoly.c]
> * [OpenSSH
> implementation|https://github.com/openbsd/src/blob/master/usr.bin/ssh/cipher-chachapoly-libcrypto.c]
> The cipher is provided by Bouncycastle.
> As a bonus, this could potentially be adapted to propose an equivalent
> AES/GCM cipher encoding to how OpenSSH implements this ChaCha20-Poly1305
> cipher.
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@mina.apache.org
For additional commands, e-mail: dev-h...@mina.apache.org
