[ 
https://issues.apache.org/jira/browse/SSHD-1260?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Dominik Schneider updated SSHD-1260:
------------------------------------
    Description: 
To use ed25519 keys with the SSHD server it is necessary to use the 
net.i2p.crypto dependency. This dependency has a security flaw as it uses 
malleable ed25519 signatures as described in this github 
[issue|[https://github.com/str4d/ed25519-java/issues/82]].

This issue was detected in the context of a paper which checked several ed25519 
implementations for security issues. In Table 5 of the paper, they state that 
this dependency is not SUF-CMA compliant in contrast to the Bouncy Castle 
implementation, which is SUF-CMA compliant.

Besides, it appears that the ed22519-java project is not longer maintained, as 
the issue is fixed in the main project of i2p, but not in this separated crypto 
library. As Bouncy Castle is already supported in SSHD and is SUF-CMA 
compliant, it would be very useful that SSHD supports the Bouncy Castle 
implementation of ed25519. This issue is related to SSHD-985 and SSHD-988.

  was:
To use ed25519 keys with the SSHD server it is necessary to use the 
net.i2p.crypto dependency. This dependency has a security flaw as it creates 
malleable ed25519 signatures as described in this github 
[issue|[https://github.com/str4d/ed25519-java/issues/82]].

This issue was detected in the context of a paper which checked several ed25519 
implementations for security issues. In Table 5 of the paper, they state that 
this dependency is not SUF-CMA compliant in contrast to the Bouncy Castle 
implementation, which is SUF-CMA compliant.

Besides, it appears that the ed22519-java project is not longer maintained, as 
the issue is fixed in the main project of i2p, but not in this separated crypto 
library. As Bouncy Castle is already supported in SSHD and is SUF-CMA 
compliant, it would be very useful that SSHD supports the Bouncy Castle 
implementation of ed25519. This issue is related to SSHD-985 and SSHD-988.

        Summary: EdDSA dependency net.i2p.crypto ed25519 signatures are 
malleable  (was: EdDSA dependency net.i2p.crypto creates malleable ed25519 
signatures)

> EdDSA dependency net.i2p.crypto ed25519 signatures are malleable
> ----------------------------------------------------------------
>
>                 Key: SSHD-1260
>                 URL: https://issues.apache.org/jira/browse/SSHD-1260
>             Project: MINA SSHD
>          Issue Type: Dependency upgrade
>            Reporter: Dominik Schneider
>            Priority: Major
>
> To use ed25519 keys with the SSHD server it is necessary to use the 
> net.i2p.crypto dependency. This dependency has a security flaw as it uses 
> malleable ed25519 signatures as described in this github 
> [issue|[https://github.com/str4d/ed25519-java/issues/82]].
> This issue was detected in the context of a paper which checked several 
> ed25519 implementations for security issues. In Table 5 of the paper, they 
> state that this dependency is not SUF-CMA compliant in contrast to the Bouncy 
> Castle implementation, which is SUF-CMA compliant.
> Besides, it appears that the ed22519-java project is not longer maintained, 
> as the issue is fixed in the main project of i2p, but not in this separated 
> crypto library. As Bouncy Castle is already supported in SSHD and is SUF-CMA 
> compliant, it would be very useful that SSHD supports the Bouncy Castle 
> implementation of ed25519. This issue is related to SSHD-985 and SSHD-988.



--
This message was sent by Atlassian Jira
(v8.20.1#820001)

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@mina.apache.org
For additional commands, e-mail: dev-h...@mina.apache.org

Reply via email to