×
Data
APIs
Platforms
Account
Careers
Contact Us

DataShop SFTP Security Policy Update

 

SFTP Cipher/MAC Policy Update

Overview

Cboe DataShop is updating the cryptographic algorithms supported by our SFTP service. As part of our commitment to maintaining the highest security standards, we are deprecating older and less secure SSH MAC (Message Authentication Code) algorithms and key exchange methods.

Please review your SFTP client configuration and make necessary updates. We will stagger the update across our production hosts to provide time for testing and confirmation. 

Policy Changes - Ciphers & Algorithms

SSH Ciphers

CipherStatus
[email protected]Supported
[email protected]Supported
aes128-ctrSupported
aes256-ctrSupported
aes192-ctrSupported

SSH Key Exchange Algorithms

AlgorithmStatus
mlkem768x25519-sha256NEW - Supported
mlkem768nistp256-sha256NEW - Supported
mlkem1024nistp384-sha384NEW - Supported
ecdh-sha2-nistp256Supported
ecdh-sha2-nistp384Supported
ecdh-sha2-nistp521Supported
curve25519-sha256Supported
[email protected]Supported
diffie-hellman-group16-sha512Supported
diffie-hellman-group18-sha512Supported
diffie-hellman-group-exchange-sha256Supported
diffie-hellman-group14-sha256NO LONGER SUPPORTED
diffie-hellman-group14-sha1NO LONGER SUPPORTED

SSH MAC Algorithms

AlgorithmStatus
[email protected]Supported
[email protected]Supported
[email protected]NO LONGER SUPPORTED
[email protected]NO LONGER SUPPORTED
[email protected]NO LONGER SUPPORTED
[email protected]NO LONGER SUPPORTED
[email protected]NO LONGER SUPPORTED
hmac-sha2-256NO LONGER SUPPORTED
hmac-sha2-512NO LONGER SUPPORTED
hmac-sha1NO LONGER SUPPORTED

Schedule - POSTPONED 

Please note that our scheduled SFTP update has been postponed; we will share the new date as soon as it is confirmed
SFTP SiteDate
sftp.datashop.livevol.com
sftp2.datashop.livevol.com

We are staggering the update of our production hosts so that customers can test against sftp.datashop.livevol.com, while still maintaining existing access via sftp2.datashop.liveol.com Please ensure you can switch between hosts prior to the date of the first change.

 

Recommended Actions

Customers need to update their SSH clients to use one of the following:

  1. AEAD ciphers (MACs are implicit - no action needed):
  2. ETM MAC variants:

Recommendations for Common Clients

ClientRecommendation
paramikoConfigure to use AEAD ciphers or update configuration to prefer ETM MACs
WinSCPUpdate to latest version and configure cipher preferences in Connection > SSH > Ciphers
JSCHUpgrade from 0.1.x to 0.2.x series which supports ETM MACs
Renci.SshNetUpdate to latest version with AEAD cipher support
SSHJUpdate to version 0.35.0 or later
OpenSSHUpdate ssh_config to prefer AEAD ciphers or ETM MACs
PuTTYUpdate to latest version and configure cipher/MAC preferences
If you have any questions or encounter issues, please contact us at [email protected]
Contact Us
For technical support or to discuss how DataShop can help your business:
OR
Phone
+1 800 307-8979 U.S.
+1 312 786-7400 Global

Your message was successfully sent.

Thank you for your inquiry. We will respond to your request shortly.

Please use the form below to get in touch with us. Select the appropriate category for your message to contact the right department.

*Required fields

We're sorry, an error occurred.

© 2026 Cboe Exchange, Inc. rights reserved
Company
Information
My Account