Differences

This shows you the differences between the selected revisions of the page.

2023-02-13 6.0 Support for NTRU Prime post-quantum key exchange + Support for more forms of Diffie-Hellman key exchange: new larger integer groups (such as group16 and group18), and support for using those and ECDH with GSSAPI (martin)
2023-02-13 beta (martin)
Line 23: Line 23:
WinSCP currently supports the following key exchange methods: WinSCP currently supports the following key exchange methods:
-  * //NTRU Prime / Curve25519 hybrid//: Streamlined NTRU Prime is a lattice-based algorithm intended to resist quantum attacks. In this key exchange method, it is run in parallel with a conventional Curve25519-based method (one of those included in //ECDH//, in such a way that it should be no less secure than that commonly-used method, and hopefully also resistant to a new class of attacks.+  * //NTRU Prime / Curve25519 hybrid//: Streamlined NTRU Prime is a lattice-based algorithm intended to resist quantum attacks. In this key exchange method, it is run in parallel with a conventional Curve25519-based method (one of those included in //ECDH//, in such a way that it should be no less secure than that commonly-used method, and hopefully also resistant to a new class of attacks. &beta_feature
  * //ECDH//: elliptic curve Diffie-Hellman key exchange, with a variety of standard curves and hash algorithms. \\ The original form of Diffie-Hellman key exchange, with a variety of well-known groups and hashes:   * //ECDH//: elliptic curve Diffie-Hellman key exchange, with a variety of standard curves and hash algorithms. \\ The original form of Diffie-Hellman key exchange, with a variety of well-known groups and hashes:
-    * //Group 18//, a well-known 8192-bit group, used with the SHA-512 hash function. +    * //Group 18//, a well-known 8192-bit group, used with the SHA-512 hash function. &beta_feature 
-    * //Group 17//, a well-known 6144-bit group, used with the %%SHA-512%% hash function. +    * //Group 17//, a well-known 6144-bit group, used with the %%SHA-512%% hash function. &beta_feature 
-    * //Group 16//, a well-known 4096-bit group, used with the %%SHA-512%% hash function. +    * //Group 16//, a well-known 4096-bit group, used with the %%SHA-512%% hash function. &beta_feature 
-    * //Group 15//, a well-known 3072-bit group, used with the %%SHA-512%% hash function.+    * //Group 15//, a well-known 3072-bit group, used with the %%SHA-512%% hash function. &beta_feature
    * //Group 14//: a well-known 2048-bit group, used with the SHA-256 hash function or, if the server doesn't support that, SHA-1.     * //Group 14//: a well-known 2048-bit group, used with the SHA-256 hash function or, if the server doesn't support that, SHA-1.
    * //Group 1// : a well-known 1024-bit group, used with the %%SHA-1%% hash function. Neither we nor current SSH standards recommend using this method any longer, and it's not used by default in new installations; however, it may be the only method supported by very old server software.     * //Group 1// : a well-known 1024-bit group, used with the %%SHA-1%% hash function. Neither we nor current SSH standards recommend using this method any longer, and it's not used by default in new installations; however, it may be the only method supported by very old server software.
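
Review bot: the NTRU Prime bullet still carries an unclosed parenthesis. "(one of those included in //ECDH//," never gets its ")", and since this revision edits that line anyway to append &beta_feature, close it right after //ECDH//. Two smaller consistency points in the same hunk: Group 18 writes SHA-512 bare while Groups 15 to 17 wrap it as %%SHA-512%%, and the sentence "The original form of Diffie-Hellman key exchange, with a variety of well-known groups and hashes:" is joined to the //ECDH// bullet with \\, so the Group sub-list reads as if it belonged to ECDH. Giving that sentence its own bullet would make it clear which methods the new beta markers on Groups 15 to 18 apply to.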

Last modified: by martin