You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@mina.apache.org by "Dominik Schneider (Jira)" <ji...@apache.org> on 2022/04/06 08:17:00 UTC
[jira] [Updated] (SSHD-1260) EdDSA dependency net.i2p.crypto creates malleable ed25519 signatures
[ https://issues.apache.org/jira/browse/SSHD-1260?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Dominik Schneider updated SSHD-1260:
------------------------------------
Description:
To use ed25519 keys with the SSHD server it is necessary to use the net.i2p.crypto dependency. This dependency has a security flaw as it creates malleable ed25519 signatures as described in this [github issue|[https://github.com/str4d/ed25519-java/issues/82]].
This issue was detected in the context of a paper which checked several ed25519 implementations for security issues. In Table 5 of the paper, they state that this dependency is not SUF-CMA compliant in contrast to the Bouncy Castle implementation, which is SUF-CMA compliant.
Besides, it appears that the ed22519-java project is not longer maintained, as the issue is fixed in the main project of i2p, but not in this separated crypto library. As Bouncy Castle is already supported in SSHD and is SUF-CMA compliant, it would be very useful that SSHD supports the Bouncy Castle implementation of ed25519. This issue is related to SSHD-985 and SSHD-988.
was:
To use ed25519 keys with the SSHD server it is necessary to use the net.i2p.crypto dependency. This dependency has a security flaw as it creates malleable ed25519 signatures as described in this [github issue|[https://github.com/str4d/ed25519-java/issues/82].]
This issue was detected in the context of a paper which checked several ed25519 implementations for security issues. In Table 5 of the paper, they state that this dependency is not SUF-CMA compliant in contrast to the Bouncy Castle implementation, which is SUF-CMA compliant.
Besides, it appears that the ed22519-java project is not longer maintained, as the issue is fixed in the main project of i2p, but not in this separated crypto library. As Bouncy Castle is already supported in SSHD and is SUF-CMA compliant, it would be very useful that SSHD supports the Bouncy Castle implementation of ed25519. This issue is related to [SSHD-985|https://issues.apache.org/jira/browse/SSHD-985] and [SSHD-988|https://issues.apache.org/jira/browse/SSHD-988].
> EdDSA dependency net.i2p.crypto creates malleable ed25519 signatures
> --------------------------------------------------------------------
>
> Key: SSHD-1260
> URL: https://issues.apache.org/jira/browse/SSHD-1260
> Project: MINA SSHD
> Issue Type: Dependency upgrade
> Reporter: Dominik Schneider
> Priority: Major
>
> To use ed25519 keys with the SSHD server it is necessary to use the net.i2p.crypto dependency. This dependency has a security flaw as it creates malleable ed25519 signatures as described in this [github issue|[https://github.com/str4d/ed25519-java/issues/82]].
> This issue was detected in the context of a paper which checked several ed25519 implementations for security issues. In Table 5 of the paper, they state that this dependency is not SUF-CMA compliant in contrast to the Bouncy Castle implementation, which is SUF-CMA compliant.
> Besides, it appears that the ed22519-java project is not longer maintained, as the issue is fixed in the main project of i2p, but not in this separated crypto library. As Bouncy Castle is already supported in SSHD and is SUF-CMA compliant, it would be very useful that SSHD supports the Bouncy Castle implementation of ed25519. This issue is related to SSHD-985 and SSHD-988.
--
This message was sent by Atlassian Jira
(v8.20.1#820001)
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@mina.apache.org
For additional commands, e-mail: dev-help@mina.apache.org