Hello,
Thanks for your answer.
I didn't see it that way.
I was focused on the main job of cryptography algorithms, hence encrypting the
data.
When I generate an RSA key with ssh-keygen R1,
I was assuming that once the key exchanged between me and the server (R2),
then all my commands within ssh to the server would be encrypted using R2public,
and the server would answer me with encrypted answers using R1public,
and only us would be able to look at the exchanges.
I forgot most of all the details of digital signature schemes and
authentication, and key agreement are terms I don't use.
I just thought that post-quantum public key cryptography was needed for
communicating between me and the server, and saw that R1 and R2 (with public
and private part) needed to be for a post-quantum public key cryptography
algorithm.
Maybe my focus on R1 and R2 is wrong in the case of SSH because that part is
transparently handled by SSH.
Maybe the choices of the technology once connected with SSH for the rest of the
connection is only in the hands of SSH developpers, and we only care about the
steps that you cited:
key agreement, digital signature schemes and authentication.
I still don't see why only key agreement needs post-quantum hard keys and why
the keys we generate can be easier to break.
I don't have anymore the skills and the will to see why digital signature
schemes and authentication can use "traditional" public key cryptography.
Thanks again for your answer, maybe it will help someone else with a similar
question.
Best regards,
Laurent Lyaudet
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/2147463
Title:
ssh-keygen doesn't provide post-quantum algorithms
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/openssh/+bug/2147463/+subscriptions
--
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
