Bug 1341 - Support multiple blowfish key lengths
Summary: Support multiple blowfish key lengths
Status: CLOSED WONTFIX
Alias: None
Product: Portable OpenSSH
Classification: Unclassified
Component: Miscellaneous (show other bugs)
Version: 4.6p1
Hardware: Other Other
: P2 enhancement
Assignee: Assigned to nobody
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2007-07-20 11:16 AEST by jimis
Modified: 2008-07-22 12:19 AEST (History)
1 user (show)

See Also:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description jimis 2007-07-20 11:16:50 AEST 
Blowfish is a very secure and fast block cipher. By design it supports key lengths of anywhere from 32 bits to 448 bits. Currently OpenSSH implements only 128 bits.

So the feature request is: Implement the use of more key lenghts, including the minimum of 32 bits (for speed) and the maximum of 448 bits (for extreme cases).
Comment 1 Damien Miller 2008-06-12 17:44:08 AEST 
The key length for blowfish is specified in the SSH protocol RFC. We could change it by supporting a new cipher mode, but it would be a non-standard extension. There isn't much point either: blowfish is quite a bit slower than AES, AES has had far more cryptanalytic review, and it supports up to 256-bit keys (which should be good enough for a long, long time).
Comment 2 Damien Miller 2008-07-22 12:19:15 AEST 
Mass update RESOLVED->CLOSED after release of openssh-5.1