The OpenSSH team plans to publish version 6.5. The Secure Shell significantly strengthened the effectiveness of cryptography. In the future OpenSSH will support signatures and key exchange with Curve25519, an elliptic curve developed by Dan j. Bernstein.
Since the Snowden’s revelations, there is doubt how safe are the elliptic curves mostly used in cryptography, namely the NIST from the US. They were developed by an employee of the NSA.
Why is this Important?
Why is this important? Because if you have a website, you want to make sure no one can read the data but only those you give access to. And most important, no one can alter the data other than the real recipient. Traditional hosting companies use the old encryption methods.
Even if hosting companies have all the good features, this is something you should pay attention to. Unfortunately it’s not easy for the average Joe to know how secure an encryption is, especially on a shared hosting server.
FatCow as an Example
Take FatCow for example. You don’t see this feature listed anywhere. You have to dig in for a good review to find some details on this issue.
OpenSSH supports the algorithm developed for Curve25519 Ed25519 for signatures. So far ECDSA came was used. ECDSA has some weaknesses, especially when a weak random number generator is used.
There are efforts to get rid of the controversial NIST curves, also in the TLS Working Group at the IETF. A first draft for a standard that enables the key exchange for HTTPS connections with Curve2551 exists.
In addition to the changes in elliptic curves the new SSH version also includes enhancements for the classic key exchange using the Diffie-Hellman algorithm. So far this was carried under certain circumstances with 1024 bit, what had long considered to be potentially unsafe. A minimum 2048 bits is provided in the new version, it can be increased up to 8192 bits.
OpenSSH now also supports the current encryption method Chacha20 symmetric encryption of transmitted data in the matching mode Poly1305. Chacha20 was also developed by Dan Bernstein.
Up till now the insecure stream cipher RC4 in SSH was frequently used, especially if users wanted to transfer data as fast as possible. On many systems that’s faster compared to the commonly used block cipher AES RC4. But the doubts concerning the safety of RC4 have been increasing in the last year. Chacha20 has a similar performance like RC4, and considered very safe and well studied.
Old Ones Phased Out
In addition to the introduction of new cryptographic processes some of the old ones will be phased out. So, for example, compounds that are signed with RSA and MD5 hash methods are no longer accepted. This procedure is used by some old, commercial SSH clients.
OpenSSH developer Damien Miller calls on users to test the new features. The final 6.5 version will be out soon.