On 10/14/05, David wrote:
> Please forgive if this is the wrong place...
> As a user of the excellent ssh and sshd I would like to see the next
> version of openssh contain support for the SHA-2 hashes (SHA-256,
> SHA-384, and SHA-512) as the SHA-1 hash is now known to be vulnerable to
> a 2^69 and possibly a 2^63 key-space search. As of version 0.98 openssl
> contained support for these hashes so it would be nice if openssh
> followed suit.

There are several questions that would need to be answered:

1) Does the SSH spec allow for any algorithms other than SHA1? If it
doesn't then the first place to work it through would be the IETF. [I
do not know the answer myself..]

2) How long do you want your message to be secure? If you say
forever... then you are best off not saying anything. If you say 100
years.. it would probably be best not to say anything. If you are
looking for 10 years then does the search space time for 2^60 or more
fit into that time frame? (Searching 2^30 (approx 1 billion keys) a
second it would take 34 years to search for this. This doesn't take into
account parallelization or other items).

Stephen J Smoogen.
CSIRT/Linux System Administrator

openssh-unix-dev mailing list