You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@mina.apache.org by "Dominik Schneider (Jira)" <ji...@apache.org> on 2022/04/06 08:17:00 UTC

[jira] [Created] (SSHD-1260) EdDSA dependency net.i2p.crypto creates malleable ed25519 signatures

Dominik Schneider created SSHD-1260:
---------------------------------------

             Summary: EdDSA dependency net.i2p.crypto creates malleable ed25519 signatures
                 Key: SSHD-1260
                 URL: https://issues.apache.org/jira/browse/SSHD-1260
             Project: MINA SSHD
          Issue Type: Dependency upgrade
            Reporter: Dominik Schneider


To use ed25519 keys with the SSHD server it is necessary to use the net.i2p.crypto dependency. This dependency has a security flaw as it creates malleable ed25519 signatures as described in this [github issue|[https://github.com/str4d/ed25519-java/issues/82].]

This issue was detected in the context of a paper which checked several ed25519 implementations for security issues. In Table 5 of the paper, they state that this dependency is not SUF-CMA compliant in contrast to the Bouncy Castle implementation, which is SUF-CMA compliant.



Besides, it appears that the ed22519-java project is not longer maintained, as the issue is fixed in the main project of i2p, but not in this separated crypto library. As Bouncy Castle is already supported in SSHD and is SUF-CMA compliant, it would be very useful that SSHD supports the Bouncy Castle implementation of ed25519. This issue is related to [SSHD-985|https://issues.apache.org/jira/browse/SSHD-985] and [SSHD-988|https://issues.apache.org/jira/browse/SSHD-988].



--
This message was sent by Atlassian Jira
(v8.20.1#820001)

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@mina.apache.org
For additional commands, e-mail: dev-help@mina.apache.org