3282 – Feature Request add Argon2 as kdf for encrypted keys

Bug 3282 - Feature Request add Argon2 as kdf for encrypted keys

Summary: Feature Request add Argon2 as kdf for encrypted keys

Status:	NEW

Alias:	None

Product:	Portable OpenSSH
Classification:	Unclassified
Component:	ssh-keygen (show other bugs)
Version:	8.5p1
Hardware:	Other Windows 10

Importance:	P5 enhancement
Assignee:	Assigned to nobody

URL:
Keywords:

Depends on:
Blocks:

Reported:	2021-03-18 02:27 AEDT by Richard Burkhardt
Modified:	2021-03-18 02:28 AEDT (History)
CC List:	0 users

See Also:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Richard Burkhardt 2021-03-18 02:27:52 AEDT

I currently work on a projekt (https://github.com/konsultaner/connectanum-dart), that is related to the WAMP-Protocol (https://wamp-proto.org). The protocol supports an athentication algorithem called wamp-cryptosign that is based on the ed25519 private keys. My project currently supports the import of putty private key files and the openssh format (PKCS #8 is planned). The openssh format defines only bcrypt as kdf algorithm. Since wamp is a WebSocket protocol, we would like to store the password encrypted private key in the localstorage. Bcrypt seems to be a quite unsave solution these days. This is the reason why I am requesting argon2 support for the hashing function if this is wanted at all. There is a reference implemetation in c here: https://github.com/P-H-C/phc-winner-argon2