by dependenttypes 2126 days ago
It should be noted that EdDSA is generally implemented in constant time, something that can't be said for RSA (which different implementations - including OpenSSL, which OpenSSH uses - have been found to implement in a way that allows side-channel attacks time and time again).

In addition I am pretty sure that if you compile OpenSSH with support only for EdDSA it does not need to be linked to OpenSSL.

1 comments

> In addition I am pretty sure that if you compile OpenSSH with support only for EdDSA it does not need to be linked to OpenSSL.

With the proviso (IIRC) that you will also only have AES-CTR and ChaCha.

I do not know about AES, but I do know that it also supports Poly1305 to be used with ChaCha20.