Subject: Support for modern security algorithms in WS-Security
Hello,

I am working on a project where WS-Security is being proposed. Security experts have pointed to some guideline documents that mention more modern security algorithms than are recommended in the BSP and in some other Web Services-related guidelines I have seen. Do WS-Security toolkits and vendor products these days commonly support these newer algorithms like SHA-256, so can a community therefore mandate them, or are most toolkits still limited to SHA-1 and would mandating SHA-256 create interoperability problems?

Kind Regards,
Pim van der Eijk

-------- Original Message --------
Hello,

My first question on this list, sorry for not having had time for this TC before.

http://docs.oasis-open.org/ws-brsp/BasicSecurityProfile/v1.1/csprd01/BasicSecurityProfile-v1.1-csprd01.html#_Toc364859639

9.6.1 SHA-1 Preferred

The SHA-1 Digest algorithm is widely-implemented and interoperable hence the recommendation that it be used for signature digests.

R5420 Any DIGEST_METHOD Algorithm attribute SHOULD have the value "http://www.w3.org/2000/09/xmldsig#sha1".

While interoperable, there are concerns that SHA-1 is no longer secure. Current guidelines no longer recommend SHA-1 but instead recommend moving to SHA-256 or higher:

http://www.w3.org/TR/2013/REC-xmldsig-core1-20130411/#sec-MessageDigests
"This specification defines several possible digest algorithms for the DigestMethod element, including REQUIRED algorithm SHA-256. Use of SHA-256 is strongly recommended over SHA-1 because recent advances in cryptanalysis (see e.g. [SHA-1-Analysis]) have cast doubt on the long-term collision resistance of SHA-1. Therefore, SHA-1 support is REQUIRED in this specification only for backwards-compatibility reasons."

http://www.enisa.europa.eu/activities/identity-and-trust/library/deliverables/algorithms-key-sizes-and-parameters-report
"SHA-1 as a hash function only for legacy applications"

http://www.nsa.gov/ia/programs/suiteb_cryptography/index.shtml
"FIPS PUB 180-4 (using SHA-256 and SHA-384)"

Shouldn't the BSP make recommendations consistent with current security recommendations?

Kind Regards,
Pim van der Eijk
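Added example, not part of the original message or of any WS-Security toolkit: a community that mandates SHA-256 or higher could audit the DigestMethod of every ds:Reference in a received message as sketched here. The function names and the trimmed sample envelope are constructed for illustration; the SHA-2 identifiers are the ones defined by XML Signature 1.1.

```python
import xml.etree.ElementTree as ET

DS = "http://www.w3.org/2000/09/xmldsig#"
SHA1 = DS + "sha1"  # the value R5420 says a DigestMethod SHOULD carry
# SHA-2 digest identifiers from XML Signature 1.1 (SHA-256 is REQUIRED there).
SHA2 = {
    "http://www.w3.org/2001/04/xmlenc#sha256",
    "http://www.w3.org/2001/04/xmldsig-more#sha384",
    "http://www.w3.org/2001/04/xmlenc#sha512",
}

def audit_digests(xml_text):
    """Return [(reference_uri, algorithm, verdict)] for every ds:Reference."""
    # ElementTree does not limit entity expansion; for untrusted input
    # parse with a hardened parser such as defusedxml instead.
    root = ET.fromstring(xml_text)
    findings = []
    for ref in root.iter(f"{{{DS}}}Reference"):
        method = ref.find(f"{{{DS}}}DigestMethod")
        alg = method.get("Algorithm") if method is not None else None
        if alg is None:
            verdict = "missing"
        elif alg == SHA1:
            verdict = "sha1-legacy"
        elif alg in SHA2:
            verdict = "sha2"
        else:
            verdict = "unrecognised"
        findings.append((ref.get("URI"), alg, verdict))
    return findings

def references_failing_policy(xml_text):
    """URIs of references whose digest is not SHA-2 (the mandated policy)."""
    return [uri for uri, _, v in audit_digests(xml_text) if v != "sha2"]

# Constructed sample: DigestValue, SignatureValue and KeyInfo are omitted.
SAMPLE = """<soap:Envelope
    xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/"
    xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
 <soap:Header><ds:Signature><ds:SignedInfo>
  <ds:Reference URI="#body">
   <ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
  </ds:Reference>
  <ds:Reference URI="#timestamp">
   <ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
  </ds:Reference>
 </ds:SignedInfo></ds:Signature></soap:Header>
</soap:Envelope>"""

if __name__ == "__main__":
    for row in audit_digests(SAMPLE):
        print(row)
```

Run over captured messages from each partner's toolkit, a check like this shows which senders still emit SHA-1 digests before a mandate takes effect.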