19Mar
ECDH_SHA2_NISTP256 (KEX) Algorithm in SSH – Vulnerabilities?
My organization within my company uses this KEX Algorithm in our SSH Implementation.
Another organization within my company won't connect to our servers as long as this algorithm is implemented as they claim it is "weak and vulnerable". They referenced this article:https://nvlpubs.nist.gov/nistpubs/ir/2015/NIST.IR.7966.pdf which is interesting because nothing in there mentions it??
Could anyone help me understand the vulnerabilities of this KEX Algorithm? If it was diffie-hellman-group1-sha1 I'd understand, but ECDH_SHA2_NISTP256 I don't. It uses NIST Curve P256 and also uses SHA2 - SHA256.
I'm very keen to understand what the problem with this algorithm is... thanks for the help!
