Tag Archives: Bruce Schneier

Why We Need to Move to SHA-2

January 6, 2014 by Bruce Morton     1 Comment

Previously, we advised that the SSL industry must move to the SHA-2 hashing algorithm for certificate signatures. We thought it would be helpful to provide the reasoning behind the position. In the context of SSL, the purpose of a hashing algorithm is to reduce a message (e.g., a certificate) to a reasonable size for use [Read More...]

SHA-1 Deprecation, on to SHA-2

December 9, 2013 by Bruce Morton     1 Comment

We have previously reviewed implementation of SHA-2, but with Bruce Schneier stating the need to migrate away from SHA-1 and the SHA-1 deprecation policy from Microsoft, the industry must start to make some progress in 2014. Web server administrators will have to make plans to move from SSL and code signing certificates signed with the [Read More...]

Filed Under: SSL, SSL Deployment Tagged With: Code Signing, Microsoft, SHA-1

SHA-3

October 9, 2012 by Bruce Morton     No Comments

On October 2, 2012, the National Institute of Standards and Technology (NIST) announced that the winner of the new SHA-3 hash function competition was Keccak. The plan is SHA-3 will eventually replace SHA-1 and the SHA-2 hash families. To support digital certificates, the hashing function is used by the certification authority (CA) to put its [Read More...]

Filed Under: Secure Browsing, SSL, Technical Tagged With: Keccak, MD5, MD5MD5