On Jan 3, 2009, at 9:38 AM, Dorn Hetzel wrote:
Would using the combination of both MD5 and SHA-1 raise the
computational
bar enough for now,
I have never seen this recommended (and I do try and follow this).
or are there other good prospects for a harder to crack
hash?
The Federal Information Processing Standard 180-2, Secure Hash
Standard, specifies algorithms for computing five cryptographic hash
functions — SHA-1, SHA-224, SHA-256, SHA-384, and SHA-512.
SHA-256 is thought to be still safe, unlike SHA-1
http://eprint.iacr.org/2008/271
http://www.schneier.com/blog/archives/2005/02/cryptanalysis_o.html
and its use is recommended by RFC4509.
http://tools.ietf.org/html/rfc4509
So, I would use SHA-256 if possible. (SHA-224 is a truncation of -256
- see rfc3874.)
There is, BTW, a competition to find a replacement.
http://csrc.nist.gov/groups/ST/hash/sha-3/index.html
Regards
Marshall
On Sat, Jan 3, 2009 at 9:35 AM, William Warren <
hescomins...@emmanuelcomputerconsulting.com> wrote:
Dragos Ruiu wrote:
On 2-Jan-09, at 9:56 AM, Robert Mathews (OSIA) wrote:
Joe Greco wrote:
[ .... ]
Either we take the potential for transparent MitM attacks
seriously, or
we do not. I'm sure the NSA would prefer "not." :-)
As for the points raised in your message, yes, there are
additional
problems with clients that have not taken this seriously. It is,
however,
one thing to have locks on your door that you do not lock, and
another
thing entirely not to have locks (and therefore completely lack
the
ability to lock). I hope that there is some serious thought
going on in
the browser groups about this sort of issue.
[ ... ]
... JG
F Y I, see:
SSL Blacklist 4.0 - for a Firefox extension able to detect 'bad'
certificates @
http://www.codefromthe70s.org/sslblacklist.aspx
Best.
Snort rule to detect said...
url: http://vrt-sourcefire.blogspot.com/2009/01/md5-actually-harmful.html
alert tcp $EXTERNAL_NET $HTTP_PORTS -> $HOME_NET any (msg:"POLICY
Weak SSL
OSCP response -- MD5 usage"; content:"content-type:
application/ocsp-response"; content:"2A 86 48 86 F7 0D 01 01 05";
metadata:
policy security-ips drop, service http; reference: url,
www.win.tue.nl/hashclash/rogue-ca/; classtype: policy-violation;
sid:1000001;)
cheers,
--dr
--
World Security Pros. Cutting Edge Training, Tools, and Techniques
Vancouver, Canada March 16-20 2009 http://cansecwest.com
London, U.K. May 27/28 2009 http://eusecwest.com
pgpkey http://dragos.com/ kyxpgp
Everyone seems to be stampeding to SHA-1..yet it was broken in
2005. So
we trade MD5 for SHA-1? This makes no sense.
