[142208] in cryptography@c2.net mail archive

home help back first fref pref prev next nref lref last post

Re: MD5 considered harmful today, SHA-1 considered harmful tomorrow

daemon@ATHENA.MIT.EDU (Victor Duchovni)
Sun Jan 11 13:22:36 2009

Date: Sat, 10 Jan 2009 23:06:46 -0500
From: Victor Duchovni <Victor.Duchovni@morganstanley.com>
To: cryptography <cryptography@metzdowd.com>
Mail-Followup-To: cryptography <cryptography@metzdowd.com>
In-Reply-To: <7DF2365FF07C0E4E89419D65CCC93C9E01435C239495@EXCHANGE11.campus.tue.nl>

On Sat, Jan 10, 2009 at 11:32:44PM +0100, Weger, B.M.M. de wrote:

> Hi Victor,
> > Bottom line, anyone fielding a SHA-2 cert today is not going 
> > to be happy with their costly pile of bits.
> Will this situation have changed by the end of 2010 (that's
> next year, by the way), when everybody who takes NIST seriously 
> will have to switch to SHA-2?

Extremely unlikely in the case of SSL/TLS and X.509 certs. There is
a huge install-base of systems on which SHA-2 certs will failed SSL
handshakes. When Windows XP systems are <1% of the install-base, when
OpenSSL 0.9.8 is <1% of the install-base and 0.9.9 too (if the
support is not added before it goes official), and all the browsers,
Java libraries, ... support SHA-2, then you can deploy SHA-2 certs.

I would estimate 5-8 years, if developers of all relevant mainstream
implementations start to address the issue now. SHA-1 will be with
us well after 2010. New applications written in 2010 will ideally
support SHA-2, but SHA-1 will probably still be the default digest
in many applications through 2013 or 2015.


 /"\ ASCII RIBBON                  NOTICE: If received in error,
 \ / CAMPAIGN     Victor Duchovni  please destroy and notify
  X AGAINST       IT Security,     sender. Sender does not waive
 / \ HTML MAIL    Morgan Stanley   confidentiality or privilege,
                                   and use is prohibited.

The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@metzdowd.com

home help back first fref pref prev next nref lref last post