Bug 1341

Summary: Support multiple blowfish key lengths
Product: Portable OpenSSH Reporter: jimis <jimis>
Component: MiscellaneousAssignee: Assigned to nobody <unassigned-bugs>
Status: CLOSED WONTFIX    
Severity: enhancement CC: djm
Priority: P2    
Version: 4.6p1   
Hardware: Other   
OS: Other   

Description jimis 2007-07-20 11:16:50 AEST 
Blowfish is a very secure and fast block cipher. By design it supports key lengths of anywhere from 32 bits to 448 bits. Currently OpenSSH implements only 128 bits.

So the feature request is: Implement the use of more key lenghts, including the minimum of 32 bits (for speed) and the maximum of 448 bits (for extreme cases).
Comment 1 Damien Miller 2008-06-12 17:44:08 AEST 
The key length for blowfish is specified in the SSH protocol RFC. We could change it by supporting a new cipher mode, but it would be a non-standard extension. There isn't much point either: blowfish is quite a bit slower than AES, AES has had far more cryptanalytic review, and it supports up to 256-bit keys (which should be good enough for a long, long time).
Comment 2 Damien Miller 2008-07-22 12:19:15 AEST 
Mass update RESOLVED->CLOSED after release of openssh-5.1