| ▲ | throw0101a 4 days ago | |
> The first SSH server that chose it was TinySSH. Yes, I know. I mention this timeline in another one of my comments: * https://news.ycombinator.com/item?id=44866802 > I use this in a variety of ways, thousands of logins per day. I don't see much love for AES. So? Given its focus on low(er)-performance systems, perhaps on chips without AES-NI, it's no surprise that TinySSH does not have AES. Further, Dropbear, another implementation often used on smaller footprints, does have AES and recently added ML-KEM: * https://github.com/mkj/dropbear/commit/1748ccae5090d511753c0... PuTTY added ML-KEM in 0.83 earlier this year. So I'm not sure how talking about a niche SSH implementation supports your claim that "there will be great preference in the community for Bernstein's NTRU Prime." The evidence appears to me that implementation have been adding NIST's choice(s) since they have become available. | ||
| ▲ | chasil 4 days ago | parent [-] | |
Seal its fate then, and get TinySSH to drop it. | ||