An Interest In:
Web News this Week
- April 16, 2024
- April 15, 2024
- April 14, 2024
- April 13, 2024
- April 12, 2024
- April 11, 2024
- April 10, 2024
Some of Our Sources
- BoingBoing
- Simplebits
- Web Designer Wall
- Team Treehouse
- Just Creative
- The Logo Smith
- Abduzeedo
- Fuel Your Creativity
- Crazy Leaf Design
- Line 25
Help Webnuz
Referal links:
January 8, 2016 04:00 pm
Original Link: http://rss.slashdot.org/~r/Slashdot/slashdot/~3/Sw-27k8OqpU/deprecation-of-md5-and-sha1----just-in-time
Deprecation of MD5 and SHA1 -- Just in Time?
mitcheli writes: If you're hanging on to the theory that collision attacks against SHA-1 and MD5 aren't yet practical, two researchers from INRIA, the French Institute for Research in Computer Science and Automation, have provided reason for urgency. They demonstrated a new series of transcript collision attacks centered on the SHA-1 and MD5 implementations in TLS 1.1, 1.3 and 1.3, along with IKEv1 and v2, and SSH 2. They say, "Our main conclusion is that the continued use of MD5 and SHA1 in mainstream cryptographic protocols significantly reduces their security and, in some cases, leads to practical attacks on key protocol mechanisms (PDF)." Of course, Mozilla officially began rejecting new SHA-1 certificates as of the first of the year. And as promised, there have been some usability issues. Mozilla said on Wednesday that various security scanners and antivirus products are keeping some users from reaching HTTPS websites.Read more of this story at Slashdot.
Original Link: http://rss.slashdot.org/~r/Slashdot/slashdot/~3/Sw-27k8OqpU/deprecation-of-md5-and-sha1----just-in-time
Share this article:
Tweet
View Full Article
Slashdot
Slashdot was originally created in September of 1997 by Rob "CmdrTaco" Malda. Today it is owned by Geeknet, Inc..More About this Source Visit Slashdot