Migrate to OpenSSH 9.2
Migrate to the 9.x branch. Interestingly, hybrid PQC is now the default since 9.0.
From the 9.0 release notes:
* [ssh(1)](https://man.openbsd.org/ssh.1), [sshd(8)](https://man.openbsd.org/sshd.8): use the hybrid Streamlined NTRU Prime + x25519 key
exchange method by default ("sntrup761x25519-sha512@openssh.com").
The NTRU algorithm is believed to resist attacks enabled by future
quantum computers and is paired with the X25519 ECDH key exchange
(the previous default) as a backstop against any weaknesses in
NTRU Prime that may be discovered in the future. The combination
ensures that the hybrid exchange offers at least as good security
as the status quo.
We are making this change now (i.e. ahead of cryptographically-
relevant quantum computers) to prevent "capture now, decrypt
later" attacks where an adversary who can record and store SSH
session ciphertext would be able to decrypt it once a sufficiently
advanced quantum computer is available.
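An added example, not part of the issue thread or of OpenSSH itself: a shell check that reads the output of `ssh -G <host>` or `sshd -T` and reports whether the hybrid method named in the release notes leads the KexAlgorithms preference list. The function names and the sample dumps are constructed for illustration.

```shell
#!/bin/sh
# Added example (hypothetical helper names; sample dumps are constructed).
# Hybrid names checked: the 9.0 default from the release notes and the
# suffix-less spelling used later in this thread.
HYBRID_KEX='sntrup761x25519-sha512@openssh.com sntrup761x25519-sha512'

is_hybrid() {
    for h in $HYBRID_KEX; do
        [ "$1" = "$h" ] && return 0
    done
    return 1
}

# Reads an `ssh -G <host>` or `sshd -T` dump on stdin and prints one of:
#   preferred | offered-not-preferred | absent | no-kex-line
# Order matters: SSH picks the first method on the client's list that the
# server also supports, so a hybrid entry that is not first may never be used.
kex_audit() {
    list=$(awk 'tolower($1) == "kexalgorithms" { print $2; exit }')
    [ -n "$list" ] || { echo no-kex-line; return 0; }
    pos=0
    for alg in $(printf '%s' "$list" | tr ',' ' '); do
        pos=$((pos + 1))
        if is_hybrid "$alg"; then
            if [ "$pos" -eq 1 ]; then echo preferred; else echo offered-not-preferred; fi
            return 0
        fi
    done
    echo absent
}

# Constructed sample dumps (not captured from a real host).
SAMPLE_NEW='user alice
kexalgorithms sntrup761x25519-sha512@openssh.com,curve25519-sha256,ecdh-sha2-nistp256'
SAMPLE_OLD='user alice
kexalgorithms curve25519-sha256,curve25519-sha256@libssh.org,ecdh-sha2-nistp256'
SAMPLE_DEMOTED='kexalgorithms curve25519-sha256,sntrup761x25519-sha512@openssh.com'

for sample in "$SAMPLE_NEW" "$SAMPLE_OLD" "$SAMPLE_DEMOTED"; do
    printf '%s\n' "$sample" | kex_audit
done
```

On a live system, pipe the real dump in instead of a sample, for example `ssh -G <host> | kex_audit`.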
Is this a "migration" or rather a more complete code update -- incl. the requirement to first implement #66 to be able to interop with "sntrup761x25519-sha512"?
Just to keep track of the most recent OpenSSH release; this update can be done independently of our other work items. I don't see the need to interop with the built-in OpenSSH PQC suite through OQS.
I'm picking this up to help get the project back in an up to date and healthy state. The current upstream OpenSSH version is 9.7 so I'll target that under a new OQS-v9 branch.
Can a maintainer create an OQS-v9 branch based at the current tip so that I can cut a PR to merge into it? I think it makes sense to maintain the status quo for now since I expect the v9 branch to be broken until I fix all the merge issues. Longer term, I think it makes sense to move to maintaining a single master branch but let's allow the dust to settle first.
Can a maintainer create an OQS-v9 branch based at the current tip so that I can cut a PR to merge into it?
https://github.com/open-quantum-safe/openssh/tree/OQS-v9
Can someone disable the upstream GitHub workflows on the v9 branch/repository? Historically, I see that only the Circle CI checks should be running (e.g. last PR on v8). My latest PR here is getting a wall of failures from the upstream CI checks.
Can someone disable the upstream GitHub workflows on the v9 branch/repository?
Just completely disabled these long-running beasts. Also better for the environment. Please let us know when they would be good to run again.
Thanks! Getting these to run seems to be a long-running issue (Issues #89, #90). I took a peek and it looks like two things need to get done:
1 - build/setup scripts need to be updated to support compile/link against liboqs (straightforward)
2 - make tests target needs to succeed for all tests.
The latter piece requires a lot of net-new development on the OQS fork to root-cause and work around all the failures and feature gaps.
With PR #161, the OQS-v9 branch is now at parity with OQS-v8 and we should be able to close out this issue now. I'll leave it open for now as Christian mentioned that he had some comments on that PR.
I'll leave it open for now as Christian mentioned that he had some comments on that PR.
Michael covered the comments I had on the PR; looks good, glad it was merged. Busy day yesterday, I couldn't make it again yesterday to the meeting; but I told Matt how much we appreciate the hard work you've been doing here! You can close.
Thanks!