Slashdot Mirror


Microsoft Drops Aging Encryption Schemes

christchurch wrote to mention an Eweek column about Microsoft's decision to stop using DES, MD4, and MD5 for encryption in Vista. From the article: "All three algorithms show signs of 'extreme weakness' and have been banned, Howard said. Microsoft is recommending using the Secure Hash Algorithm (SHA)256 encryption algorithm and AES (Advanced Encryption Standard) cipher instead, he said. The change is part of a semi-yearly update to Microsoft's Secure Development Lifecycle policies by engineers within Microsoft's Security Business & Technology Unit."

3 of 199 comments (clear)

  1. ROT13 by Anonymous Coward · · Score: 5, Funny

    Presumably they haven't banned ROT13 then.

  2. Automated checking by LiquidCoooled · · Score: 5, Funny

    Developers who use one of the banned cryptographic functions in new code will have it flagged by automated code scanning tools and will be asked to update the function to something more secure, Howard said.

    C:\ > make windows.vista
    ERROR: Insecure code found.
    Please upgrade code to Linux.

    --
    liqbase :: faster than paper
  3. Alte4rnative encyrption schemes available.. by Rob+T+Firefly · · Score: 5, Funny

    Microsoft has promised additional encryption schemes for power users, including ig-pay atin-lay, leaving out every third word, and Navajo code talkers.