Comment by notpushkin
2 days ago
I know I’m asking for too much, but.
The macOS app Secretive [1] stores SSH keys in the Secure Enclave. To make it work, they’ve selected an algorithm supported by the SE, namely ecdsa-sha2-nistp256.
I don’t think SE supports PQ algorithms, but would it be possible to use a “hybrid key” with a combined algorithm like mlkem768×ecdsa-sha2-nistp256, in a way that the ECDSA part is performed by the SE?
The notice at stake is about key agreements (aka KEX aka Key Exchange), not about the keys themselves.
If you look at http://mdoc.su/o/ssh_config.5#KexAlgorithms and http://bxr.su/o/usr.bin/ssh/kex-names.c#kexalgs, `ecdsa-sha2-nistp256` is not a valid option for the setting (although `ecdh-sha2-nistp256` is).
Ohh, this is distinct from the pubkey algorithms. Looks like I need a refresher on how SSH works then :-)
Thanks!
https://www.openssh.com/legacy.html - Legacy algorithms in OpenSSH, which explains a little what they do. Then there is also your Identity key that you authenticate yourself with, which is placed in the server's authorized_keys.
To comment on the part about what keys Secretive uses, I looked at this recently and I think it looks like the SE will be able to do ML-KEM soon.
https://developer.apple.com/documentation/cryptokit/secureen...
Not totally sure that I'm reading it right, since I've never done macOS development before, but I'm a big fan of Secretive and use it whenever possible. If I've got it right, maybe Secretive can add PQ support once ML-KEM is out of beta.
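The distinction drawn in the thread between key exchange algorithms and public key algorithms is visible on the wire: SSH_MSG_KEXINIT (RFC 4253, section 7.1) carries them as separate name-lists. The parser below is an added example, not part of any comment above; the sample offer is constructed and the helper names (`parse_kexinit`, `offered_in`) are hypothetical.

```python
import struct

SSH_MSG_KEXINIT = 20
# The ten name-lists of SSH_MSG_KEXINIT, in wire order (RFC 4253, section 7.1).
FIELDS = (
    "kex_algorithms", "server_host_key_algorithms",
    "encryption_algorithms_client_to_server", "encryption_algorithms_server_to_client",
    "mac_algorithms_client_to_server", "mac_algorithms_server_to_client",
    "compression_algorithms_client_to_server", "compression_algorithms_server_to_client",
    "languages_client_to_server", "languages_server_to_client",
)

def name_list(names):
    """Encode an SSH name-list: uint32 length, then comma-separated ASCII names."""
    body = ",".join(names).encode("ascii")
    return struct.pack(">I", len(body)) + body

def build_kexinit(lists):
    payload = bytes([SSH_MSG_KEXINIT]) + bytes(16)  # constructed all-zero cookie
    payload += b"".join(name_list(lists.get(f, [])) for f in FIELDS)
    return payload + b"\x00" + struct.pack(">I", 0)  # first_kex_packet_follows, reserved

def parse_kexinit(payload):
    """Return {field: [names]}; reject wrong type, truncation, or a bad trailer."""
    if len(payload) < 17 or payload[0] != SSH_MSG_KEXINIT:
        raise ValueError("not an SSH_MSG_KEXINIT payload")
    off, out = 17, {}  # skip the type byte and the 16-byte cookie
    for field in FIELDS:
        if off + 4 > len(payload):
            raise ValueError("truncated before " + field)
        (n,) = struct.unpack_from(">I", payload, off)
        end = off + 4 + n
        if end > len(payload):
            raise ValueError("name-list overruns payload in " + field)
        raw = payload[off + 4:end].decode("ascii")
        out[field] = raw.split(",") if raw else []
        off = end
    if len(payload) - off != 5:  # boolean flag + uint32 reserved
        raise ValueError("unexpected trailer length")
    return out

def offered_in(parsed, name):
    return [f for f in FIELDS if name in parsed[f]]  # fields that offer this name

# Constructed sample offer (not captured from a real server).
SAMPLE = build_kexinit({
    "kex_algorithms": ["mlkem768x25519-sha256", "curve25519-sha256", "ecdh-sha2-nistp256"],
    "server_host_key_algorithms": ["ssh-ed25519", "ecdsa-sha2-nistp256"],
})
```

The algorithm of the user's identity key (the key Secretive holds) does not appear in this message at all; it is named later, in the publickey user authentication request (RFC 4252).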