OpenSSH takes aim at 'capture now, decrypt later' quantum attacks
2022-04-12 14:00

OpenSSH 9 is here, with updates aimed at dealing with cryptographically challenging quantum computers.

A bigger nod to the future has come in the form of the use of the "Hybrid Streamlined NTRU Prime + x25519 key exchange method by default."

"The NTRU algorithm is believed to resist attacks enabled by future quantum computers," explained the team, "and is paired with the X25519 ECDH key exchange as a backstop against any weaknesses in NTRU Prime that may be discovered in the future. The combination ensures that the hybrid exchange offers at least as good security as the status quo."

It added: "We are making this change now to prevent 'capture now, decrypt later' attacks where an adversary who can record and store SSH session ciphertext would be able to decrypt it once a sufficiently advanced quantum computer is available."
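Because the hybrid method is only a default, a local `KexAlgorithms` override can silently drop or demote it. The following check is an added example, not part of the article or of OpenSSH: it reads the effective configuration printed by `ssh -G <host>` or `sshd -T` and reports where the hybrid method sits. The identifier `sntrup761x25519-sha512@openssh.com` is the name OpenSSH uses for this method in its algorithm lists (not quoted in the article), and the sample outputs are constructed.

```shell
#!/bin/sh
# Name of the hybrid method as it appears in OpenSSH algorithm lists.
HYBRID='sntrup761x25519-sha512@openssh.com'

# kex_audit: read "ssh -G <host>" or "sshd -T" style output on stdin and
# report the hybrid method's place in the effective KexAlgorithms list.
# Prints one of: "first", "present:<position>", "absent".
kex_audit() {
    awk -v want="$HYBRID" '
        tolower($1) == "kexalgorithms" {
            seen = 1
            n = split($2, algs, ",")
            for (i = 1; i <= n; i++) {
                if (algs[i] == want) { pos = i; break }
            }
        }
        END {
            if (!seen || !pos) print "absent"
            else if (pos == 1)  print "first"
            else                print "present:" pos
        }'
}

# Constructed sample outputs (not captured from a real host).
sample_default() {
    printf '%s\n' 'hostname example.internal' \
        'kexalgorithms sntrup761x25519-sha512@openssh.com,curve25519-sha256,curve25519-sha256@libssh.org' \
        'ciphers chacha20-poly1305@openssh.com'
}
sample_demoted() {
    printf '%s\n' 'hostname example.internal' \
        'kexalgorithms curve25519-sha256,sntrup761x25519-sha512@openssh.com'
}
sample_overridden() {
    printf '%s\n' 'hostname example.internal' \
        'kexalgorithms curve25519-sha256,diffie-hellman-group14-sha256'
}

# Real use: ssh -G host.example | kex_audit    or    sshd -T | kex_audit
for s in sample_default sample_demoted sample_overridden; do
    printf '%s: %s\n' "$s" "$("$s" | kex_audit)"
done
```

A result other than `first` means a classical-only exchange may be negotiated, which is the case the "capture now, decrypt later" concern applies to.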

NTRU (Nth degree Truncated polynomial Ring Units) is a cryptosystem and a contender for securing communication should quantum computers ever turn up in the real world.

OpenSSH clearly thinks they are on the way, as do other organizations; America's National Science Foundation awarded a $715,000 grant to researchers to hunt out gaps in quantum computing security, although last year the US National Security Agency said it "does not know when or even if a quantum computer of sufficient size and power to exploit public key cryptography will exist."


News URL

https://go.theregister.com/feed/www.theregister.com/2022/04/12/openssh_9/