Re: draft-baushke-ssh-dh-group-sha2-01 (was Re: DH group exchange)

To: Damien Miller <djm%mindrot.org@localhost>
Subject: Re: draft-baushke-ssh-dh-group-sha2-01 (was Re: DH group exchange)
From: nisse%lysator.liu.se@localhost (Niels Möller)
Date: Fri, 29 Jan 2016 22:13:36 +0100

Damien Miller <djm%mindrot.org@localhost> writes:

> I'd skip SHA-384 entirely in favour of SHA-512.

Agreed. SHA-384 has the same security as truncated SHA-512 (just
differing initial values). And I don't see any point in doing truncation
for the ssh key exchange hash, am I missing anything?

Regards,
/Niels

-- 
Niels Möller. PGP-encrypted email is preferred. Keyid C0B98E26.
Internet email is subject to wholesale government surveillance.

References:
- draft-baushke-ssh-dh-group-sha2-01 (was Re: DH group exchange)
  - From: Mark D. Baushke
- Re: draft-baushke-ssh-dh-group-sha2-01 (was Re: DH group exchange)
  - From: Mark D. Baushke
- Re: draft-baushke-ssh-dh-group-sha2-01 (was Re: DH group exchange)
  - From: Damien Miller

Prev by Date: RE: draft-baushke-ssh-dh-group-sha2-01 (was Re: DH group exchange)
Next by Date: Re: suggestion for new ssh maintenance wg
Previous by Thread: Re: draft-baushke-ssh-dh-group-sha2-01 (was Re: DH group exchange)
Next by Thread: RE: draft-baushke-ssh-dh-group-sha2-01 (was Re: DH group exchange)
Indexes:

Home | Main Index | Thread Index | Old Index