As part of BrickFTP’s commitment to data security for all customers, the team is rolling out several new features aimed at higher levels of protection for your stored and transferred files. The platform now supports ED25519 keys, the most recommended available public key algorithm currently available.
What is an ED25519 key?
This public key signature system is compact, efficient and quick to generate. Its software is designed to offer fast single-signature and batch verification, along with signing and key generation at rapid speeds. The key is resilient to collisions and does not contain any hidden array indices or branch conditions.
It was developed to also add an extra layer of defense against potential hash function weaknesses, along with a robust level of security.
Why upgrade your SSH key to ED25519?
Developers and DevOps engineers use SSH key authentication on a daily basis to log into a remote server or push commits to a remote repository, as this method offers an added level of security compared to traditional password-based authentication.
However, SSH keys that have not been upgraded or originally created within the last five years could pose a security risk. The default options likely include an RSA algorithm. Some older algorithms are predicted to become mathematically broken in the near future, making them susceptible to attacks. While RSA is still widely used, it is considered less safe and slower than ED25519.
The ED25519 key is regarded as the strongest, fastest mathematical algorithm with stronger password protection and encryption for private keys. OpenSSH announced its support of the key, which offers faster performance and tighter security than DSA or ECDSA. The public-key signature system secures connections and includes a long list of features that make its cryptographic capabilities stronger than traditional systems.
Are ED25519 keys right for you?
Our team ensures ED25519 keys serve as a much more secure method of public/private key pairs for BrickFTP. Customers incorporating either public/private keys for user authentication should consider upgrading to ED25519.
Private/public key pairs are generated on your own local computer — the result is one public half and one private half. While the public half of the key may be shared publicly, the private half must never be shared and should only be stored on your local computer.
By upgrading to an ED25519 key, you can ensure the security of your key is enforced with one of the most robust measures available.
Contact our team of developers for more information.