Home United States USA — software A popular encryption algorithm is being killed because it is too weak

A popular encryption algorithm is being killed because it is too weak

193
0
SHARE

The cost of launching collision attacks against SHA-1 has come down significantly making the encryption algorithm more vulnerable.
The developers of two open source code libraries for Secure Shell, which is the protocol used by millions of computers to create encrypted connections, have decided to no longer support the Secure Hash Algorithm 1 (SHA-1) due to growing security concerns.
As reported by Ars Technica, developers using the OpenSSH and Libssh libraries will no longer be able to use SHA-1 to digitally sign encryption keys going forward. In its release notes, OpenSSH explained why it will no longer support SHA-1, saying:
“It is now possible to perform chosen-prefix attacks against the SHA-1 algorithm for less than USD$50K. For this reason, we will be disabling the “ssh-rsa” public key signature algorithm by default in a near-future release.

Continue reading...