Dominik Schneider created SSHD-1260:
---------------------------------------
Summary: EdDSA dependency net.i2p.crypto creates malleable ed25519
signatures
Key: SSHD-1260
URL: https://issues.apache.org/jira/browse/SSHD-1260
Project: MINA SSHD
Issue Type: Dependency upgrade
Reporter: Dominik Schneider
To use ed25519 keys with the SSHD server it is necessary to use the
net.i2p.crypto dependency. This dependency has a security flaw as it creates
malleable ed25519 signatures as described in this [github
issue|[https://github.com/str4d/ed25519-java/issues/82].]
This issue was detected in the context of a paper which checked several ed25519
implementations for security issues. In Table 5 of the paper, they state that
this dependency is not SUF-CMA compliant in contrast to the Bouncy Castle
implementation, which is SUF-CMA compliant.
Besides, it appears that the ed22519-java project is not longer maintained, as
the issue is fixed in the main project of i2p, but not in this separated crypto
library. As Bouncy Castle is already supported in SSHD and is SUF-CMA
compliant, it would be very useful that SSHD supports the Bouncy Castle
implementation of ed25519. This issue is related to
[SSHD-985|https://issues.apache.org/jira/browse/SSHD-985] and
[SSHD-988|https://issues.apache.org/jira/browse/SSHD-988].
--
This message was sent by Atlassian Jira
(v8.20.1#820001)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
