implying | 4 years ago

These types of programs have gone through a few iterations since the secure enclave was released, but they all share a fatal flaw, probably from the SE itself:

You can only store keys that use the NIST P curves, which are not recommended for SSH, or any serious crypto. There are serious suspicions that they were tampered with during design by NSA, and are listed in djb's https://safecurves.cr.yp.to/ as unsafe. Using this program would force you to configure your server to accept keys using unsafe curves.
