
What kinds of side channels are you thinking of? Given the key exchanges have a straightforward sha256/sha512 combiner, it would be surprising that a flaw in one of the schemes would give a real vulnerability?

I could see it being more of a problem for signing.



Yeah, key agreement in the context of SSH is quite forgiving of timing side channels as SSH uses ephemeral keys. There's no prospect of repeatedly re-doing the key agreement to gather more statistics on the counterparty's timing.



