[jira] [Commented] (SSHD-1017) Add support for chacha20-poly1305@openssh.com

Mon, 19 Oct 2020 08:48:03 -0700 


    [ 
https://issues.apache.org/jira/browse/SSHD-1017?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17216833#comment-17216833
 ] 

Matt Sicker commented on SSHD-1017:
-----------------------------------

Oh yes, that makes sense. I read through the OpenSSH source code a lot while I 
was working on the AES/GCM extension here as well as attempting this extension, 
and it's written very cleanly (typical OpenBSD pride point), and I also looked 
through Dropbear which seems to have some popularity in the embedded and IoT 
space due to being even smaller than OpenSSH. I noticed that most SSH 
implementations are extremely similar (they're all built around the standard 
after all, and it does encourage specific architectures), so I hope that such 
an approach might be feasible anyways. In the meantime, though, this particular 
Jira ticket is still to support 
[chacha20-poly1...@openssh.com|mailto:chacha20-poly1...@openssh.com] and not 
some hypothetical 
[chacha20-poly1...@apache.org|mailto:chacha20-poly1...@apache.org] extension. 
Thanks for the pointers!

> Add support for chacha20-poly1...@openssh.com
> ---------------------------------------------
>
>                 Key: SSHD-1017
>                 URL: https://issues.apache.org/jira/browse/SSHD-1017
>             Project: MINA SSHD
>          Issue Type: New Feature
>            Reporter: Matt Sicker
>            Priority: Major
>
> See [protocol 
> details|https://github.com/openbsd/src/blob/master/usr.bin/ssh/PROTOCOL.chacha20poly1305].
> * [RFC 7539|https://tools.ietf.org/html/rfc7539] describes the 
> ChaCha20-Poly1305 algorithm.
> * [Dropbear 
> implementation|https://github.com/mkj/dropbear/blob/master/chachapoly.c]
> * [OpenSSH 
> implementation|https://github.com/openbsd/src/blob/master/usr.bin/ssh/cipher-chachapoly-libcrypto.c]
> The cipher is provided by Bouncycastle.
> As a bonus, this could potentially be adapted to propose an equivalent 
> AES/GCM cipher encoding to how OpenSSH implements this ChaCha20-Poly1305 
> cipher.



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@mina.apache.org
For additional commands, e-mail: dev-h...@mina.apache.org

Reply via email to