nhyatt/putty-source
1
0
Fork 0
mirror of https://git.tartarus.org/simon/putty.git synced 2025-07-04 13:02:47 -05:00
Code Issues Projects Releases Wiki Activity

Implement OpenSSH 9.x's NTRU Prime / Curve25519 kex.

Browse Source 
This consists of DJB's 'Streamlined NTRU Prime' quantum-resistant
cryptosystem, currently in round 3 of the NIST post-quantum key
exchange competition; it's run in parallel with ordinary Curve25519,
and generates a shared secret combining the output of both systems.

(Hence, even if you don't trust this newfangled NTRU Prime thing at
all, it's at least no _less_ secure than the kex you were using
already.)

As the OpenSSH developers point out, key exchange is the most urgent
thing to make quantum-resistant, even before working quantum computers
big enough to break crypto become available, because a break of the
kex algorithm can be applied retroactively to recordings of your past
sessions. By contrast, authentication is a real-time protocol, and can
only be broken by a quantum computer if there's one available to
attack you _already_.

I've implemented both sides of the mechanism, so that PuTTY and Uppity
both support it. In my initial testing, the two sides can both
interoperate with the appropriate half of OpenSSH, and also (of
course, but it would be embarrassing to mess it up) with each other.
This commit is contained in:
Simon Tatham
2022-04-15 17:19:47 +01:00
parent e59ee96554
commit faf1601a55
14 changed files with 2358 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
test/testcrypt.py
View File

@ -199,6 +199,13 @@ def make_argword(arg, argtype, fnname, argindex, argname, to_preserve):
sublist.append(make_argword(val, ("val_mpint", False),
fnname, argindex, argname, to_preserve))
return b" ".join(coerce_to_bytes(sub) for sub in sublist)
if typename == "int16_list":
sublist = [make_argword(len(arg), ("uint", False),
fnname, argindex, argname, to_preserve)]
for val in arg:
sublist.append(make_argword(val & 0xFFFF, ("uint", False),
fnname, argindex, argname, to_preserve))
return b" ".join(coerce_to_bytes(sub) for sub in sublist)
raise TypeError(
"Can't convert {}() argument #{:d} ({}) to {} (value was {!r})".format(
fnname, argindex, argname, typename, arg))
@ -247,6 +254,8 @@ def make_retval(rettype, word, unpack_strings):
return word == b"true"
elif rettype in {"pocklestatus", "mr_result"}:
return word.decode("ASCII")
elif rettype == "int16_list":
return list(map(int, word.split(b',')))
raise TypeError("Can't deal with return value {!r} of type {!r}"
.format(word, rettype))