From 5ddd8cca5bb45dba4ebf313f437759def3859f27 Mon Sep 17 00:00:00 2001
From: Joe Testa
Date: Fri, 18 Apr 2025 18:29:18 -0400
Subject: [PATCH] Added 2 new key exchanges: mlkem768nistp256-sha256, mlkem1024nistp384-sha384.

---
 README.md | 1 +
 src/ssh_audit/ssh2_kexdb.py | 5 ++++-
 test/test_ssh2_kexdb.py | 4 +++-
 3 files changed, 8 insertions(+), 2 deletions(-)

diff --git a/README.md b/README.md
index d4972ea..c4ec713 100644
--- a/README.md
+++ b/README.md
@@ -221,6 +221,7 @@ For convenience, a web front-end on top of the command-line tool is available at
 - Migrated from deprecated `getopt` module to `argparse`; partial credit [oam7575](https://github.com/oam7575).
 - When running against multiple hosts, now prints each target host regardless of output level.
 - Batch mode (`-b`) no longer automatically enables verbose mode, due to sometimes confusing results; users can still explicitly enable verbose mode using the `-v` flag.
+ - Added 2 new key exchanges: `mlkem768nistp256-sha256`, `mlkem1024nistp384-sha384`.
 
 ### v3.3.0 (2024-10-15)
 - Added Python 3.13 support.
diff --git a/src/ssh_audit/ssh2_kexdb.py b/src/ssh_audit/ssh2_kexdb.py
index 2b15020..dd65d3d 100644
--- a/src/ssh_audit/ssh2_kexdb.py
+++ b/src/ssh_audit/ssh2_kexdb.py
@@ -1,7 +1,7 @@
 """
 The MIT License (MIT)
 
- Copyright (C) 2017-2024 Joe Testa (jtesta@positronsecurity.com)
+ Copyright (C) 2017-2025 Joe Testa (jtesta@positronsecurity.com)
 Copyright (C) 2017 Andris Raugulis (moo@arthepsy.eu)
 
 Permission is hereby granted, free of charge, to any person obtaining a copy
@@ -72,6 +72,7 @@ class SSH2_KexDB: # pylint: disable=too-few-public-methods
 INFO_DISABLED_IN_OPENSSH70 = 'disabled in OpenSSH 7.0: https://www.openssh.com/txt/release-7.0'
 INFO_NEVER_IMPLEMENTED_IN_OPENSSH = 'despite the @openssh.com tag, this was never implemented in OpenSSH'
 INFO_HYBRID_PQ_X25519_KEX = 'hybrid key exchange based on post-quantum resistant algorithm and proven conventional X25519 algorithm'
+ INFO_HYBRID_PQ_NISTP_KEX = 'hybrid key exchange based on post-quantum resistant algorithm and a suspected back-doored NIST P-curve'
 INFO_REMOVED_IN_OPENSSH61 = 'removed since OpenSSH 6.1, removed from specification'
 INFO_REMOVED_IN_OPENSSH69 = 'removed in OpenSSH 6.9: https://www.openssh.com/txt/release-6.9'
 INFO_REMOVED_IN_OPENSSH70 = 'removed in OpenSSH 7.0: https://www.openssh.com/txt/release-7.0'
@@ -193,6 +194,8 @@ class SSH2_KexDB: # pylint: disable=too-few-public-methods
 'm383-sha384@libassh.org': [[], [FAIL_UNPROVEN], [WARN_NOT_PQ_SAFE]],
 'm511-sha512@libassh.org': [[], [FAIL_UNPROVEN], [WARN_NOT_PQ_SAFE]],
 'mlkem768x25519-sha256': [['9.9'], [], [], [INFO_HYBRID_PQ_X25519_KEX]],
+ 'mlkem768nistp256-sha256': [[], [FAIL_NSA_BACKDOORED_CURVE], [], [INFO_HYBRID_PQ_NISTP_KEX]],
+ 'mlkem1024nistp384-sha384': [[], [FAIL_NSA_BACKDOORED_CURVE], [], [INFO_HYBRID_PQ_NISTP_KEX]],
 'rsa1024-sha1': [[], [FAIL_1024BIT_MODULUS, FAIL_SHA1], [WARN_NOT_PQ_SAFE]],
 'rsa2048-sha256': [[], [], [WARN_2048BIT_MODULUS, WARN_NOT_PQ_SAFE]],
 'sm2kep-sha2-nistp256': [[], [FAIL_NSA_BACKDOORED_CURVE, FAIL_UNTRUSTED], [WARN_NOT_PQ_SAFE]],
diff --git a/test/test_ssh2_kexdb.py b/test/test_ssh2_kexdb.py
index 898a0c2..237b212 100644
--- a/test/test_ssh2_kexdb.py
+++ b/test/test_ssh2_kexdb.py
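Review bot: The two entries added in the `@@ -193` hunk give a hybrid that still contains ML-KEM a hard `FAIL_NSA_BACKDOORED_CURVE`, while `mlkem768x25519-sha256` on the line above carries no failure at all, and nothing in the table explains why the curve choice alone flips the rating for a construction that, as a hybrid, remains secure while either component holds. If the intent is the project's blanket treatment of NIST P-curves, which the `sm2kep-sha2-nistp256` entry three lines below suggests, a one-line comment above the pair would make the rating self-explanatory, e.g. `# Hybrid with a NIST P-curve: FAIL follows the blanket NIST P-curve policy, not any doubt about the ML-KEM half.` The empty first list (no OpenSSH version) matches the x25519 sibling being the only one tagged `'9.9'`, but a reader cannot tell from the hunk whether that is deliberate, so the same comment could say so. The dict being extended, and the enclosing class, start and end outside the hunk.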
@@ -53,7 +53,9 @@ class Test_SSH2_KexDB:
 "sntrup761x25519-sha512@openssh.com",
 "sntrup761x25519-sha512",
 "x25519-kyber-512r3-sha256-d00@amazon.com",
- "x25519-kyber512-sha512@aws.amazon.com"
+ "x25519-kyber512-sha512@aws.amazon.com",
+ "mlkem768nistp256-sha256", # PQ safe, but has a conventional back-door.
+ "mlkem1024nistp384-sha384" # PQ safe, but has a conventional back-door.
 ]
 failures = []
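Review bot: The trailing comments on the two added list items, `# PQ safe, but has a conventional back-door.`, state as fact what the matching `INFO_HYBRID_PQ_NISTP_KEX` string in `ssh2_kexdb.py` labels only "suspected", and the test file is where the next maintainer will read it when deciding whether further hybrid names belong in this list. Pointing the comment at the rating rather than at the claim keeps the two files in step, e.g. `# PQ safe; the NIST P-curve half carries FAIL_NSA_BACKDOORED_CURVE.` on both lines. The list being extended begins before the hunk, so its name and what the test asserts about its members are not visible here.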