asteroza + sha-1   15

SHAttered
"Practical" attack, as in well funded corp or nation state level attack since it needs 110 GPU years...
SHA-1  practical  attack  cryptography  research  security  Delicious 
february 2017 by asteroza
SHA-1 or SHA-256 for Windows kernel-mode code signing | Symantec
Hrm, so fresh install W10AU will refuse non-WHQL non-EV SHA-256 kernel drivers, even if it was before the cutoff date.
windows  authenticode  codesign  SHA-1  SHA-2  SHA-256  WHQL  sysdev  10  1607  sysadmin  tips  tricks  Delicious 
november 2016 by asteroza
The Shappening
So, why hasn't a kickstarter happened to crowdsource the $100K or so needed to crack SHA-1 on AWS and permanently put it out to pasture?
SHA1  SHA-1  collision  hash  encryption  crytography  cryptographic  algorithm  software  research  security  hacking  freestart  attack  cryptography  Delicious 
october 2015 by asteroza
SHA1 Deprecation Policy - Windows PKI blog - Site Home - TechNet Blogs
Usermode will be SHA-2 in Vista in 2016, but kernelmode is still SHA-1...
windows  PKI  codesign  authenticode  SHA-1  SHA-2  deprecation  Delicious 
june 2015 by asteroza
Microsoft Security Advisory 2880823
So by 2016, if SSL certs aren't using SHA-256 Microsoft will hate you. It also means XPSP2 users are boned (though with the POODLE attack forcing migrations above SSLv3 to TLS1+ they are already screwed).
SHA1  SHA-1  SHA2  SHA-2  SHA-256  SHA256  microsoft  windows  certificate  policy  PKI  security  encryption  cryptography  Delicious 
october 2014 by asteroza

Copy this bookmark:



description:


tags: