IETF-SSH archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
RE: New version of rsa-sha2-512 draft posted: no more DSA
On Sun, 8 Nov 2015, Peter Gutmann wrote:
> Damien Miller <djm%mindrot.org@localhost> writes:
>
> >Moreover, any SSH implementation that supports ed25519 in the future will
> >need SHA512 for it's inner hash, so it's not like it will be extra code to
> >carry around.
>
> This assumes that your implementation carries an entire crypto library around
> with it. Many don't, but use the host's crypto. If the host doesn't support
> algorithm X, then you're out of luck.
What I'm saying is that any implementation that does ed25519 keys will
also need to support SHA512. So SHA512 seems like a good choice if you
care about minimising the amount of code that you want to carry around.
ed25519 looks like it will be an excellent choice for embedded devices,
and Peter Schwabe has a couple of MCU ports (inc. 8 bit AVR) already.
-d
Home |
Main Index |
Thread Index |
Old Index