« BackOpenSSH 9.9 Releasedundeadly.orgSubmitted by zdw 6 hours ago
  • throw0101c 3 hours ago

    A more 'direct' link to the release notes:

    * https://www.openssh.com/txt/release-9.9

    * https://www.openssh.com/releasenotes.html#9.9p1

    • throw0101c 3 hours ago

      Related to the hybrid post-QC crypto stuff, similar moves have been done for Chrome:

      * https://security.googleblog.com/2024/09/a-new-path-for-kyber...

      Draft for adding it to TLS (1.3):

      * https://datatracker.ietf.org/doc/draft-kwiatkowski-tls-ecdhe...

      • WhyNotHugo 5 hours ago

        What’s ML-KEM X25519? I’m familiar with Ed25519, but I’ve never heard of ML-KEM.

        (Also not a cryptographer)

        • homebrewer 5 hours ago

          https://lwn.net/Articles/973231

          • tptacek 5 hours ago

            ML-KEM is Kyber, the lattice-based winner of the NIST PQ KEM competition (think of a KEM as a public-key encryption and delivery of a key, as opposed to Diffie Hellman, in which both sides agree on a key together). It's a key establishment mechanism that resists quantum attacks.

            • marcus0x62 4 hours ago

              For anyone unfamiliar with the acronyms:

              PQ = Post Quantum (cryptography)

              KEM = Key Encapsulation Method

          • dustyharddrive 4 hours ago

            Anyone have an informed preference between MLKEM and SNTRUP?

            • tptacek 3 hours ago

              For what it's worth: Damien Miller has commented repeatedly here that OpenSSH did NTRU before the NIST competition completed, and they always planned to add the NIST PQ winner.