Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss
ECDSA with putty/pageant
2,454 views
Skip to first unread message
Higorineth Ancalimae
Feb 10, 2012, 4:47:40 AM2/10/12
to
Hi,
Any idea how can we use my ECDSA key within putty / pageant ?
Any idea how can we use my ECDSA key within putty / pageant ?
Simon Tatham
Feb 10, 2012, 5:08:07 AM2/10/12
to
Higorineth Ancalimae <higor...@gmail.com> wrote:
> Any idea how can we use my ECDSA key within putty / pageant ?
I'm afraid there is currently no support for ECDSA in the PuTTY suite
> Any idea how can we use my ECDSA key within putty / pageant ?
at all. One user did suggest last year that they might like to
contribute support for it, but no patch has shown up in our email as a
result of that.
--
Simon Tatham "_shin_, n. An ingenious device for
<ana...@pobox.com> finding tables and chairs in the dark."
Higorineth Ancalimae
Feb 10, 2012, 5:15:56 AM2/10/12
to
On 10 fév, 11:08, Simon Tatham <ana...@pobox.com> wrote:
> I'm afraid there is currently no support for ECDSA in the PuTTY suite
Do you plan to add it ?
> I'm afraid there is currently no support for ECDSA in the PuTTY suite
Simon Tatham
Feb 10, 2012, 5:34:58 AM2/10/12
to
I'd be happy to accept a good-quality patch if someone else submitted
one, but it's not currently high on my list of things to spend my own
effort on. So far I've only heard of two people (you and the user I
previously mentioned) who are interested in using it.
--
Simon Tatham "Happiness is having a large, warm, loving,
<ana...@pobox.com> caring, close-knit family in another city."
one, but it's not currently high on my list of things to spend my own
effort on. So far I've only heard of two people (you and the user I
previously mentioned) who are interested in using it.
--
Simon Tatham "Happiness is having a large, warm, loving,
<ana...@pobox.com> caring, close-knit family in another city."
fabrice...@gmail.com
May 5, 2013, 3:34:50 AM5/5/13
to
Le vendredi 10 février 2012 11:34:58 UTC+1, Simon Tatham a écrit :
> I'd be happy to accept a good-quality patch if someone else submitted
> one, but it's not currently high on my list of things to spend my own
> effort on. So far I've only heard of two people (you and the user I
> previously mentioned) who are interested in using it.
Hi,
> I'd be happy to accept a good-quality patch if someone else submitted
> one, but it's not currently high on my list of things to spend my own
> effort on. So far I've only heard of two people (you and the user I
> previously mentioned) who are interested in using it.
In France, our "national computing security agency" : ANSSI (http://www.ssi.gouv.fr) made many recommandations. In the "(Open)SSH" chapter, one of them can be abstracted in "ECDSA is preferred".
So (at least) many french security aware people will be very interested by ECDSA, because putty is so widespread.
And, as usual, I have no clue how to help ;-)....
Best regards
PS : Thanks for your tool. It's like shoes : I don't think about it, because I (and all my colleagues) can't work without it. Our windows computers are formatted with it. Period.
dge...@gmail.com
Aug 18, 2013, 3:50:27 PM8/18/13
to
On Friday, February 10, 2012 2:34:58 AM UTC-8, Simon Tatham wrote:
While attacks against 4096 bit RSA keys are theoretical, AES 256 is a relatively standard security default and is equivalent to an ECDSA key of 512 bits (521 is the maximum current option in OpenSSL 0.9.8x), which is equivalent to an RSA key of 15,360 bits. The longest RSA key OpenSSL will generate is 4096, and that already generates some compute load. Achieving AES256 equivalent security is not possible without switching to ECDSA.
It is not just the French NCSA that is promoting a transition to ECC, but also the US NSA: http://www.nsa.gov/business/programs/elliptic_curve.shtml
Personally, I think it is time to make ECDSA support a priority.
> Higorineth Ancalimae < > wrote:
>
> > Do you plan to add it ?
>
>
>
> I'd be happy to accept a good-quality patch if someone else submitted
>
> one, but it's not currently high on my list of things to spend my own
>
> effort on. So far I've only heard of two people (you and the user I
>
> previously mentioned) who are interested in using it.
>
> --
>
> Simon Tatham "Happiness is having a large, warm, loving,
>
>
> > Do you plan to add it ?
>
>
>
> I'd be happy to accept a good-quality patch if someone else submitted
>
> one, but it's not currently high on my list of things to spend my own
>
> effort on. So far I've only heard of two people (you and the user I
>
> previously mentioned) who are interested in using it.
>
> --
>
> Simon Tatham "Happiness is having a large, warm, loving,
>
> <> caring, close-knit family in another city."
It seems GPGAgent may fill this gap, but as there's some concern about the long-term security of RSA, elliptic curve keys are recommended by people who seem to know (e.g. Whitfield Diffie, of course).
While attacks against 4096 bit RSA keys are theoretical, AES 256 is a relatively standard security default and is equivalent to an ECDSA key of 512 bits (521 is the maximum current option in OpenSSL 0.9.8x), which is equivalent to an RSA key of 15,360 bits. The longest RSA key OpenSSL will generate is 4096, and that already generates some compute load. Achieving AES256 equivalent security is not possible without switching to ECDSA.
It is not just the French NCSA that is promoting a transition to ECC, but also the US NSA: http://www.nsa.gov/business/programs/elliptic_curve.shtml
Personally, I think it is time to make ECDSA support a priority.
voxx...@gmail.com
Oct 9, 2014, 11:23:49 PM10/9/14
to
> Any idea how can we use my ECDSA key within putty / pageant ?
There is a variant of PuTTY which supports ECDSA and ECDH.
(But no English explanation)
http://ice.hotmint.com/putty/
christop...@gmail.com
Oct 13, 2014, 8:22:33 AM10/13/14
to
0 new messages