[fitsbits] Hash Functions (MD5 is very obsolete)
Rob Seaman
seaman at noao.edu
Tue Jul 8 09:25:40 EDT 2008
Hi guys,
Apologies if you see this more than once.
FYI. A reminder that MD5 has been obsolete for several years. So
obsolete that even the U.S. federal government now regards its
successor as similarly obsolete :-)
Rob
--
Begin forwarded message:
> From: Danny Mayer <mayer at ntp.isc.org>
> Date: July 8, 2008 4:45:30 AM GMT-07:00
> To: NTP Working Group <ntpwg at lists.ntp.isc.org>
> Subject: [ntpwg] Fwd: NIST's policy on Hash Functions
>
> I'm forwarding this note from a different mailing list on
> deprecating MD5. Since NTP uses MD5 we may need to consider this for
> various parts of NTP that make use of hash functions.
>
> Comments?
>
> Danny
>
> PS: NIST'S POLICY ON HASH FUNCTIONS
> March 15, 2006: *The SHA-2 family of hash functions (i.e., SHA-224,
> SHA-256, SHA-384 and SHA-512) may be used by Federal agencies for
> all applications using secure hash algorithms.* Federal agencies
> *should* stop using SHA-1 for digital signatures, digital time
> stamping and other applications that require collision resistance as
> soon as practical, and must use the SHA-2 family of hash functions
> for these applications after 2010. After 2010, Federal agencies may
> use SHA-1 only for the following applications: hash-based message
> authentication codes (HMACs); key derivation functions (KDFs); and
> random number generators (RNGs). Regardless of use, NIST encourages
> application and protocol designers to use the SHA-2 family of hash
> functions for all new applications and protocols. (from http://csrc.nist.gov/groups/ST/hash/policy.html,
> I've enclosed emphasized words in the original by **)