[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: BSP: SHA1 Preferred ?
Hello, My first question on this list, sorry for not having had time for this TC before. http://docs.oasis-open.org/ws-brsp/BasicSecurityProfile/v1.1/csprd01/BasicSecurityProfile-v1.1-csprd01.html#_Toc364859639 9.6.1 SHA-1 PreferredThe SHA-1 Digest algorithm is widely-implemented and interoperable hence the recommendation that it be used for signature digests. R5420 Any DIGEST_METHOD Algorithm attribute SHOULD have the value "http://www.w3.org/2000/09/xmldsig#sha1". While interoperable, there are concerns that SHA-1 is no longer secure. Current guidelines do not longer recommend SHA-1 but instead recommend moving to SHA-256 or higher: http://www.w3.org/TR/2013/REC-xmldsig-core1-20130411/#sec-MessageDigests "This specification defines several possible digest algorithms for the DigestMethod element, including REQUIRED algorithm SHA-256. Use of SHA-256 is strongly recommended over SHA-1 because recent advances in cryptanalysis (see e.g. [SHA-1-Analysis]) have cast doubt on the long-term collision resistance of SHA-1. Therefore, SHA-1 support is REQUIRED in this specification only for backwards-compatibility reasons." http://www.enisa.europa.eu/activities/identity-and-trust/library/deliverables/algorithms-key-sizes-and-parameters-report "SHA-1 as a hash function only for legacy applications" http://www.nsa.gov/ia/programs/suiteb_cryptography/index.shtml "FIPS PUB 180-4 (using SHA-256 and SHA-384)" Shouldn't the BSP make recommendations consistent with current security recommendations? Kind Regards, Pim van der Eijk |
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]