Score:1

Is the combination of X25519 ECDH and NTRU in OpenSSH 9.X secure against quantum attacks?

gw flag

Can the combination of X25519 ECDH and NTRU in OpenSSH 9.X defend me against quantum attacks?

Why is it believed that this combination is secure?

gs flag
See also: https://quantumcomputing.stackexchange.com/q/25987/18991
Score:4
my flag

Can the combination of X25519 ECDH and NTRU in OpenSSH 9.X defend me against quantum attacks?

Actually, that version of OpenSSH uses NTRU Prime, rather than NTRU.

However, that does not change the answer: it is believed that the combination is resistant to attackers with Quantum Computers attempting a 'store-and-decrypt-later' attack.

Why is it believed that this combination is secure?

We believe it is secure because we believe that NTRU Prime is secure against a Quantum Adversary, and the secret keys that protect the traffic depend on the NTRU Prime shared secret. Without those secret keys, the attacker would need to attack the symmetric ciphers directly, which we believe is also too hard.

Now, I did put in weasel words about 'store-and-decrypt later' attacks; another possible attack (if the attacker has a Quantum Computer at the time of the exchange) is to break the authentication piece of SSH. I don't know if that is similarly protected (it might be; I don't know); if it is isn't, then this is also a potential avenue. Of course, this attack can only be used to attacks going forward, and previous sessions are unaffected.

kelalaka avatar
in flag
Could you explain X25519 ECDH and NTRU Prime a little more? This is a newest question here about this..
Blockchain Office avatar
gw flag
@poncho | Can you write some words, what do you mean about "the authentication piece of SSH"?
mangohost

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.