An Interest In:
Web News this Week
- April 25, 2024
- April 24, 2024
- April 23, 2024
- April 22, 2024
- April 21, 2024
- April 20, 2024
- April 19, 2024
May 27, 2020 07:30 pm
Original Link: http://rss.slashdot.org/~r/Slashdot/slashdot/~3/tBPZxRQ4kbY/openssh-to-deprecate-sha-1-logins-due-to-security-risk
OpenSSH To Deprecate SHA-1 Logins Due To Security Risk
OpenSSH, the most popular utility for connecting to and managing remote servers, has announced today plans to drop support for its SHA-1 authentication scheme. From a report: The OpenSSH team cited security concerns with the SHA-1 hashing algorithm, currently considered insecure. The algorithm was broken in a practical, real-world attack in February 2017, when Google cryptographers disclosed SHAttered, a technique that could make two different files appear as they had the same SHA-1 file signature. At the time, creating an SHA-1 collision was considered computationally expensive, and Google experts thought SHA-1 could still be used in practice for at least half a decade until the cost would go down. However, subsequent research released in May 2019 and in January 2020, detailed an updated methodology to cut down the cost of an SHA-1 chosen-prefix collision attack to under $110,000 and under $50,000, respectively.Read more of this story at Slashdot.
Original Link: http://rss.slashdot.org/~r/Slashdot/slashdot/~3/tBPZxRQ4kbY/openssh-to-deprecate-sha-1-logins-due-to-security-risk
Share this article:
Tweet
View Full Article
Slashdot
Slashdot was originally created in September of 1997 by Rob "CmdrTaco" Malda. Today it is owned by Geeknet, Inc..More About this Source Visit Slashdot