On Monday, April 10, 2023 4:01:45 PM EDT Daniel Alley wrote: > >and in 1-2 years, SHA256 > > I've not seen any speculation much less evidence about sha256 being > insecure. Is this a post-quantum-crypto thing? Yes. There are a set of requirements called CNSA 1.0 that is being driven into all the security standards. They are selecting algorithms and key sizes that likely will stand up longer to efforts to crack them via quantum computers. Everything as of last fall needs to have at least 256 bit strength. So, sha384 is the current standard. RSA 3072 and greater are allowed as is ECDH P-512, and AES-256. Then in 2025, this all starts again with CNSA 2.0 where there's a transition period to quantum resistant algorithms. The target is everything transitioned by 2030. -Steve _______________________________________________ devel mailing list -- devel@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to devel-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/devel@xxxxxxxxxxxxxxxxxxxxxxx Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
