1
0
mirror of https://git.tartarus.org/simon/putty.git synced 2025-01-09 17:38:00 +00:00

Rename NTRU Prime / Curve25519 kex in UI.

The previous name, which included '(quantum-resistant)', was too long to
be completely seen in the Windows config dialog's kex list (which is
narrower than the Gtk one, due to the Up/Down buttons). No point
including that explanation if people can't actually read it, so we'll
have to rely on docs to explain it.

(I did try squashing the rest of the name to "SNTRUP/X25519 hybrid", but
that wasn't enough.)

As some sort of compensation, index it more thoroughly in the docs, and
while I'm there, tweak the indexing of other key exchange algorithms
too.
This commit is contained in:
Jacob Nevins 2022-10-21 17:46:38 +01:00
parent 6472f7fc77
commit dc9ab5e0f0
3 changed files with 19 additions and 10 deletions

View File

@ -569,8 +569,7 @@ static void kexlist_handler(dlgcontrol *ctrl, dlgparam *dlg,
{ "Diffie-Hellman group exchange", KEX_DHGEX },
{ "RSA-based key exchange", KEX_RSA },
{ "ECDH key exchange", KEX_ECDH },
{ "NTRU Prime / Curve25519 hybrid kex"
" (quantum-resistant)", KEX_NTRU_HYBRID },
{ "NTRU Prime / Curve25519 hybrid kex", KEX_NTRU_HYBRID },
{ "-- warn below here --", KEX_WARN }
};

View File

@ -2347,17 +2347,17 @@ cipher selection (see \k{config-ssh-encryption}).
PuTTY currently supports the following key exchange methods:
\b \q{NTRU Prime / Curve25519 hybrid}: NTRU Prime is a lattice-based
algorithm intended to resist quantum attacks. In this key exchange
method, it is run in parallel with a conventional Curve25519-based
method (one of those included in \q{ECDH}), in such a way that it
should be no \e{less} secure than that commonly-used method, and
hopefully also resistant to a new class of attacks.
\b \q{NTRU Prime / Curve25519 hybrid}: \q{\i{Streamlined NTRU Prime}}
is a lattice-based algorithm intended to resist \i{quantum attacks}.
In this key exchange method, it is run in parallel with a conventional
Curve25519-based method (one of those included in \q{ECDH}), in such
a way that it should be no \e{less} secure than that commonly-used
method, and hopefully also resistant to a new class of attacks.
\b \q{ECDH}: \i{elliptic curve} \i{Diffie-Hellman key exchange},
\b \q{\i{ECDH}}: elliptic curve Diffie-Hellman key exchange,
with a variety of standard curves and hash algorithms.
\b The original form of \q{Diffie-Hellman} key exchange, with a
\b The original form of \i{Diffie-Hellman key exchange}, with a
variety of well-known groups and hashes:
\lcont{

View File

@ -688,6 +688,16 @@ saved sessions from
\IM{group exchange} Diffie-Hellman group exchange
\IM{group exchange} group exchange, Diffie-Hellman
\IM{ECDH} \q{ECDH} (elliptic-curve Diffie-Hellman)
\IM{ECDH} elliptic-curve Diffie-Hellman key exchange
\IM{ECDH} key exchange, elliptic-curve Diffie-Hellman
\IM{ECDH} Diffie-Hellman key exchange, with elliptic curves
\IM{Streamlined NTRU Prime} Streamlined NTRU Prime
\IM{Streamlined NTRU Prime} NTRU Prime
\IM{quantum attacks} quantum attacks, resistance to
\IM{repeat key exchange} repeat key exchange
\IM{repeat key exchange} key exchange, repeat