
Comment by notpushkin

1 day ago

I know I’m asking for too much, but.

The macOS app Secretive [1] stores SSH keys in the Secure Enclave. To make it work, they’ve selected an algorithm supported by the SE, namely ecdsa-sha2-nistp256.

I don’t think SE supports PQ algorithms, but would it be possible to use a “hybrid key” with a combined algorithm like mlkem768×ecdsa-sha2-nistp256, in a way that the ECDSA part is performed by the SE?

[1]: https://github.com/maxgoedjen/secretive

To comment on the part about what keys Secretive uses, I looked at this recently and I think it looks like the SE will be able to do ML-KEM soon.

https://developer.apple.com/documentation/cryptokit/secureen...

Not totally sure that I'm reading it right, since I've never done macOS development before, but I'm a big fan of Secretive and use it whenever possible. If I've got it right, maybe Secretive can add PQ support once ML-KEM is out of beta.

The notice at stake is about key agreements (aka KEX aka Key Exchange), not about the keys themselves.

If you look at http://mdoc.su/o/ssh_config.5#KexAlgorithms and http://bxr.su/o/usr.bin/ssh/kex-names.c#kexalgs, `ecdsa-sha2-nistp256` is not a valid option for the setting (although `ecdh-sha2-nistp256` is).
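The distinction drawn in the last comment, as an added example that is not part of the thread: a small checker that reads an ssh_config and reports any name on a `KexAlgorithms` line that is really a key/signature type. The function name, the sample config and the two name sets are assumptions; the sets are a constructed subset, and the authoritative lists on a given host come from `ssh -Q kex` and `ssh -Q key`.

```python
# Added example: classify the names given to KexAlgorithms in an ssh_config.
# KEX and KEY are a constructed subset of OpenSSH's algorithm names; on a real
# host, fill them from `ssh -Q kex` and `ssh -Q key`.
KEX = {
    "curve25519-sha256", "curve25519-sha256@libssh.org",
    "ecdh-sha2-nistp256", "ecdh-sha2-nistp384", "ecdh-sha2-nistp521",
    "diffie-hellman-group14-sha256", "diffie-hellman-group16-sha512",
    "diffie-hellman-group-exchange-sha256",
    "sntrup761x25519-sha512", "mlkem768x25519-sha256",
}
KEY = {
    "ssh-ed25519", "ssh-rsa", "rsa-sha2-256", "rsa-sha2-512",
    "ecdsa-sha2-nistp256", "ecdsa-sha2-nistp384", "ecdsa-sha2-nistp521",
}

def check_kex_lines(config_text):
    """Return (line_no, name, verdict) for every name on a KexAlgorithms line."""
    findings = []
    for no, raw in enumerate(config_text.splitlines(), 1):
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        # ssh_config accepts "Keyword value" and "Keyword=value"; keywords are case-insensitive.
        parts = line.replace("=", " ", 1).split(None, 1)
        if len(parts) != 2 or parts[0].lower() != "kexalgorithms":
            continue
        value = parts[1].strip().strip('"')
        # A leading +, - or ^ modifies the default list instead of replacing it.
        if value[:1] in "+-^":
            value = value[1:]
        for name in filter(None, (n.strip() for n in value.split(","))):
            if "*" in name or "?" in name:
                verdict = "pattern"            # wildcards are allowed in lists
            elif name in KEX:
                verdict = "kex"
            elif name in KEY:
                verdict = "key-type-not-kex"   # belongs under HostKeyAlgorithms etc.
            else:
                verdict = "unknown"
            findings.append((no, name, verdict))
    return findings

SAMPLE = """\
# constructed sample config
Host example
    KexAlgorithms mlkem768x25519-sha256,ecdsa-sha2-nistp256
    HostKeyAlgorithms ecdsa-sha2-nistp256
    kexalgorithms=+ecdh-sha2-nistp256
"""
```
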