Re: Should we settle on one SSL implementation?

On Sat, 27 Oct 2007, Oisin Feeley wrote:

> > Uh?  I wasn't aware SHA1 has been broken (at least, not in
> > a practically exploitable way).
>
> It hasn't ... yet.  But the US government is mandating that it not be
> used after 2010, so anyone wanting to be able to fulfill that needs to
> plan now how to make the transition:
>
> "March 15, 2006: The SHA-2 family of hash functions (i.e., SHA-224,
> SHA-256, SHA-384 and SHA-512) may be used by Federal agencies for all
> applications using secure hash algorithms. Federal agencies should
> stop using SHA-1 for digital signatures, digital time stamping and
> other applications that require collision resistance as soon as
> practical, and must use the SHA-2 family of hash functions for these
> applications after 2010."
>
> http://csrc.nist.gov/groups/ST/hash/policy.html

Note that this applies to sha1 being used for hashes of filenames, X.509
attributes, etc. It does not apply to IPsec's use of md5/sha1, which does not
require collision resistance because of its use of HMAC.

The official IETF policy is "walk, not run, to a new secure hashing algorithm".
Also, it is believed that if SHA-1 is compromised, the attack would work
similarly to SHA-256 et al.

Paul

-- 
fedora-devel-list mailing list
fedora-devel-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/fedora-devel-list
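
The point made in the message above, that HMAC does not depend on collision resistance, shown as an added example (not part of the original message or of any project's code). SHA-1 truncated to 32 bits is a constructed stand-in for a hash whose collision resistance has failed; `weak_hash`, `find_collision`, `hmac_rfc2104`, `demo` and the sample key are names and values assumed for this illustration.

```python
import hashlib
from itertools import count

BLOCK = 64  # SHA-1 input block size in bytes, used for HMAC key padding


def weak_hash(data: bytes) -> bytes:
    """Toy hash with broken collision resistance: SHA-1 cut to 32 bits."""
    return hashlib.sha1(data).digest()[:4]


def find_collision():
    """Offline birthday search on weak_hash; needs no secret, roughly 2**16 calls."""
    seen = {}
    for i in count():
        msg = b"constructed-message-%d" % i
        digest = weak_hash(msg)
        if digest in seen:
            return seen[digest], msg
        seen[digest] = msg


def hmac_rfc2104(h, key: bytes, msg: bytes) -> bytes:
    """HMAC construction from RFC 2104 over an arbitrary hash function h."""
    if len(key) > BLOCK:
        key = h(key)
    key = key.ljust(BLOCK, b"\x00")
    ipad = bytes(b ^ 0x36 for b in key)
    opad = bytes(b ^ 0x5C for b in key)
    return h(opad + h(ipad + msg))


def demo():
    m1, m2 = find_collision()
    key = bytes(range(32))  # constructed sample key; secret in a real deployment
    return {
        "messages_differ": m1 != m2,
        # Unkeyed use (signature over a digest): both messages verify alike.
        "plain_digest_collides": weak_hash(m1) == weak_hash(m2),
        # Keyed use: the collision was computed without the key and does not carry over.
        "hmac_tag_collides": hmac_rfc2104(weak_hash, key, m1)
        == hmac_rfc2104(weak_hash, key, m2),
    }


if __name__ == "__main__":
    print(demo())
```

The 32-bit output is only there to make the collision search fast; a tag that short would be guessable in practice, so the example isolates the keyed versus unkeyed difference and nothing else.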
