NIST moves to stronger hashing (fwd)
------- Forwarded Message
Date: Mon, 7 Feb 2005 12:39:36 -0500
To: cryptography@metzdowd.com, cypherpunks@al-qaeda.net
From: "R.A. Hettinga" <rah@shipwright.com>
Subject: NIST moves to stronger hashing
<http://www.fcw.com/print.asp>
Federal Computer Week
Monday, February 7, 2005
NIST moves to stronger hashing
BY Florence Olsen
Published on Feb. 7, 2005
Federal agencies have been put on notice that National Institute of
Standards and Technology officials plan to phase out a widely used
cryptographic hash function known as SHA-1 in favor of larger and stronger
hash functions such as SHA-256 and SHA-512.
The change will affect many federal cryptographic functions that
incorporate hashes, particularly digital signatures, said William Burr,
manager of NIST's security technology group, which advises federal agencies
on electronic security standards.
"There's really no emergency here," Burr said. "But you should be planning
how you're going to transition - whether you're a vendor or a user - so
that you can do better cryptography by the next decade."
Hashing is used to prevent tampering with electronic messages. A hash is a
numerical code generated from a string of text when a message is sent. The
receiving system checks it against a hash it creates from the same text,
and if they match, the message was sent intact.
Speaking at a recent meeting of the federal Public Key Infrastructure
Technical Working Group at NIST, Burr said some critics have questioned the
security of the government-developed SHA-1 after some researchers managed
to break a variant of the SHA-1 hash function last year.
But Burr said no complete implementation of the SHA-1 function has been
successfully attacked. "SHA-1 is not broken," he said, "and there is not
much reason to suspect that it will be soon." But advances in computer
processing capability make it prudent to phase out SHA-1 by 2010, he said.
Burr said other widely used hash functions such as MD5 are vulnerable to
attack and their use should be discontinued. "If by some chance you are
still using MD5 in certificates or for digital signatures, you should
stop," he said.
--
to unsubscribe send a message to radiusext-request@ops.ietf.org with
the word 'unsubscribe' in a single line as the message text body.
archive: <http://psg.com/lists/radiusext/>