2026-03-23 07:56 GMT+01:00 Loganaden Velvindron <[email protected]>:
> There are also open source projects like OpenBSD which have integrated
> sntrup761 in hybrid mode
> within OpenSSH for a long time.
>
> With security companies like Qualys constantly trying to find new
> vulnerabilities in openssh,
> I'm pretty sure that they would have found a vulnerability in
> x25519sntrup761 kex codebase by now ?
OpenSSH added mlkem768x25519-sha256 in version 9.9 (2024-09-19) and made it the
default in 10.0 (2025-04-09). It also switched sntrup761x25519-sha512
implementation in version 9.9, so its Streamlined NTRUPrime implementation is
at best as scrutinized as its ML-KEM one (while many other languages and
libraries don't have production Streamlined NTRUPrime code at all).
Anyway, it's not clear to me what that has to do with this document.
_______________________________________________
TLS mailing list -- [email protected]
To unsubscribe send an email to [email protected]
