posted by CoolHand on Thursday April 30 2015, @11:12PM
from the we're-not-really-just-procrastinating-honest! dept.

The Register covers the difficulty of putting the SHA-1 hash algorithm to bed:

The road towards phasing out the ageing SHA-1 crypto hash function is likely to be littered with potholes, security experts warn.

SHA-1 is a one-way hash function: it condenses input of any length into a short, fixed-size (160-bit) "message digest", from which it is computationally infeasible to recover the original input. Hashes of this kind underpin digital signatures, integrity checks that verify software downloads have not been tampered with, and many other cryptographic applications.

SHA-1, published in 1995, is showing its age and is no longer considered safe from collision attacks, in which two different inputs produce the same output hash. A practical collision is terminal for a hash function used in signatures, because a signature covers the digest rather than the document itself: an attacker who can produce a benign and a manipulated input with the same hash can have the benign one signed and then present that signature alongside the manipulated one as if it were genuine.

Certificate authorities and others are beginning to move on from SHA-1 to its replacement, SHA-2. Microsoft announced its intent to deprecate SHA-1 in November 2013. More recently, Google joined the push with a decision to make changes in the latest version of its browser, Chrome version 42, so that SHA-1 certificates are flagged as potentially insecure.

Just updating to SHA-2 is not as simple as it might seem, because of compatibility issues with Android and Windows XP. More specifically, Android before 2.3 and Windows XP before SP3 cannot validate SHA-2 certificates (a fuller compatibility matrix is maintained by digital certificate firm GlobalSign).
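An added illustration, not part of The Register's piece or the SoylentNews summary, of the collision point made above: a birthday search for two messages that collide on a SHA-1 digest truncated to 24 bits, followed by a check that a signature computed over the benign message verifies unchanged for the colliding malicious one. The truncation, the counter-numbered messages, the `contract-v1-` prefix and the HMAC used as a stand-in for a real signature primitive are all constructed for this example. The published attacks on full 160-bit SHA-1 are cryptanalytic and far faster than a generic 2^80 birthday search, but the consequence for any scheme that signs the digest is exactly the one shown here.

```python
"""Birthday attack on a truncated SHA-1 digest, and why a collision lets a
signature over one document be replayed against another.

Added example for this page; the truncation, the counter-based messages and
the HMAC "signer" are constructed stand-ins, not anything from the article.
"""
from __future__ import annotations

import hashlib
import hmac

# Truncating SHA-1 to 24 bits makes a birthday collision findable in a few
# thousand hash evaluations (roughly 2**12). Real SHA-1 is 160 bits, with a
# generic birthday bound of 2**80; the real attacks beat that by exploiting
# structural weaknesses, but the consequence demonstrated below is the same.
DIGEST_BYTES = 3


def digest(message: bytes) -> bytes:
    """Truncated SHA-1: the first DIGEST_BYTES bytes of the real digest."""
    return hashlib.sha1(message).digest()[:DIGEST_BYTES]


def find_collision(prefix: bytes) -> tuple[bytes, bytes]:
    """Birthday search: hash counter-numbered messages until two share a digest.

    No randomness is used, so the same prefix always yields the same pair.
    """
    seen: dict[bytes, bytes] = {}
    counter = 0
    while True:
        message = prefix + str(counter).encode()
        d = digest(message)
        if d in seen:
            return seen[d], message  # two distinct messages, same digest
        seen[d] = message
        counter += 1


# Stand-in for a digital signature. The only property that matters for the
# demonstration is that the signer sees the *digest*, never the document,
# which is how RSA-PKCS#1, ECDSA and friends are used in practice.
def sign(key: bytes, message: bytes) -> bytes:
    return hmac.new(key, digest(message), hashlib.sha256).digest()


def verify(key: bytes, message: bytes, signature: bytes) -> bool:
    return hmac.compare_digest(sign(key, message), signature)


def demo() -> dict:
    """Find a colliding pair and show that a signature over one verifies for the other."""
    benign, malicious = find_collision(b"contract-v1-")
    key = b"constructed-signing-key"  # constructed for the example, not a real key
    sig_over_benign = sign(key, benign)
    return {
        "benign": benign,
        "malicious": malicious,
        "same_truncated_digest": digest(benign) == digest(malicious),
        # The full 160-bit digests still differ: the attack only works against
        # the hash that is actually signed.
        "full_sha1_differs": hashlib.sha1(benign).digest()
        != hashlib.sha1(malicious).digest(),
        # The signature was never recomputed; it simply carries over.
        "signature_transfers": verify(key, malicious, sig_over_benign),
    }


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value!r}")
```

Run it as a script to print the colliding pair. The line to look at is `signature_transfers`: a collision, rather than a preimage, is already enough to move a valid signature from a document the signer approved to one they never saw, which is why browsers and CAs treat a collision-weak hash as unfit for certificate signatures even before an attack has been demonstrated against the specific certificates in use.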

 
  • (Score: 2) by gnuman (5013) on Friday May 01 2015, @09:23PM (#177620)

    DNSSEC will be stuck for quite a while because it's an overly complex abomination to maintain. It made sense in 1995 (or at least it was the only practical way to do it) but in an era where a cellphone has more than enough CPU power to be a DNS server, it really doesn't make sense to jump through all of those hoops to avoid the server having to do encryption and hashing.

    I think you are missing how it works.

    1. KSK is set to parent zone
    2. ZSK is signed by the KSK to sign the zone, so you can easily replace it without adding new records to the parent.
    3. done?

    There is no reason why this can't be done dynamically, at least the ZSK signing the zone. That is not even the problem. Dynamic zone signing is part of BIND. The problem is lack of DNSSEC enabled resolvers.

    The point of having external keys for zone signing is that I can sign a zone on a computer that is not remotely accessible and push it out to DNS. This makes DNS safer, as a compromised DNS server cannot compromise the zone.

  • (Score: 2) by sjames (2882) on Saturday May 02 2015, @12:46AM (#177699)

    As opposed to one key for the DNS server that supports an arbitrary number of zones.