OpenSSH prepares post-quantum

For several years, cryptography has studied the implication of the rise of quantum computation.  Once fully operational, with enough qubits, error-free, and keeping quantum states long enough, quantum computing will break prime number factor-based cryptosystems (such as RSA) and Elliptic Curve Cryptography by quickly finding the private keys.

Thus, in 2017, NIST initiated selecting and standardizing a set of post-quantum cryptosystems.

OpenSSH just released version 9.0.  And it adds the support of a post-quantum cryptosystem.  To be precise:


use the hybrid Streamlined NTRU Prime + x25519 key exchange method by default (“”). The NTRU algorithm is believed to resist attacks enabled by future quantum computers and is paired with the X25519 ECDH key exchange (the previous default) as a backstop against any weaknesses in NTRU Prime that may be discovered in the future.  The combination ensures that the hybrid exchange offers at least as good security as the status quo.

NTRU Prime is one of the nine remaining candidates in the NIST selection process.   OpenSSH chose one without waiting for the NIST final selection. 

Leave a Reply

Your email address will not be published. Required fields are marked *