News

Microsoft wants to stop using outdated sha-1 algorithm sooner

By admin
Spread the love

Microsoft plans to block the sha-1 hashing algorithm from June 2016. The outdated algorithm has become vulnerable to increasingly simple attacks over time. With the blockade, Microsoft is following in the footsteps of Mozilla and Google.

This is reported by Microsoft on its blog. Initially, the use of sha-1 would be from January 1, 2017
be blocked. The reason for bringing the deadline forward is that the security of the hashing algorithm is increasingly being compromised. Microsoft refers to the freestart collision attack, which was carried out in October.

Security expert Bruce Schneier had reservations about the 1995 algorithm in 2005, but at the time conducting an attack was not yet economically interesting. However, it is getting cheaper and cheaper to carry out an attack. Sha-1 is used, among other things, for signing ssl/tls certificates. Forging a single certificate by collision can have serious consequences. This creates a certificate with the same hash value as a legitimate certificate.

In its planning, Microsoft indicates that from January 1, 2016, certificate authorities may only issue certificates that are signed with the updated sha-2. After the June 2016 deadline, Windows will only trust certificates signed with sha-2.

You might also like
News

Rumor: Apple is working on its own applications based on a large language model

News

Blizzard will release certain games via Steam, starting with Overwatch 2

News

EU Council determines position on security requirements for digital products

News

Microsoft and Activision Blizzard postpone acquisition deadline until October

News

Microsoft announces Bing Chat Enterprise and Copilot pricing for businesses

News

Meta introduces open source language model Llama 2, works on PCs and phones

Exit mobile version