Slashdot Mirror


Microsoft Drops Aging Encryption Schemes

christchurch wrote to mention an Eweek column about Microsoft's decision to stop using DES, MD4, and MD5 for encryption in Vista. From the article: "All three algorithms show signs of 'extreme weakness' and have been banned, Howard said. Microsoft is recommending using the Secure Hash Algorithm (SHA)256 encryption algorithm and AES (Advanced Encryption Standard) cipher instead, he said. The change is part of a semi-yearly update to Microsoft's Secure Development Lifecycle policies by engineers within Microsoft's Security Business & Technology Unit."

9 of 199 comments

  1. Is MD4/5 really encryption? by Anonymous Coward · · Score: 5, Insightful

    I thought they were just one-way hashing algos

  2. one down, one to go by cryptoz · · Score: 5, Insightful

    Even if Vista and related products use higher encryption, Windows' obsessive temp file creation, along with swap files, seems to minimize the effect that using encryption has, right?

    I mean, sure, it'll be much harder to brute force any MS encryption now, but did people do it that way before? Weren't there always other workarounds that will still be present?

    1. Re:one down, one to go by RealityMogul · · Score: 4, Insightful

      I wonder if they're still going to support the LANMAN hashes in Vista. Nothing is quite as smart as storing the easily cracked hash right next to the more secure one.

    2. Re:one down, one to go by Fahrenheit+450 · · Score: 4, Insightful

      I was going to mod you Overrated, but I decided to post instead.

      This is not about buzzword compliance. The three algorithms that they are banning should have been done away with years ago. DES has been fairly easily crackable via brute force for nearly a decade now, and MD4 has had issues for just about as long. And now that collisions can be found for MD4 essentially by hand, it shouldn't be used for anything of any importance.

      Hell, even NIST is recommending that people start figuring out ways to phase out their use of SHA-1, which is still practically secure, but starting to show cracks. And if there ever was an organization free of buzzwords, it's NIST (I dare you to read some of their FIPS documents without passing out).

      This is a good move that needed to be done. It's a step in the right direction -- now they need to get on with shoring up the other holes in their codebase.

      --
      -30-
  3. So LM hashes are out! Yay! by Anonymous Coward · · Score: 3, Insightful

    If this is true then LM hashes, which use DES, are on their way out finally. It's going to break some backwards compatibility, but it will go a long way in fixing some of the most obvious, http://www.antsight.com/zsl/rainbowcrack/, privilege escalation problems.

  4. Re:The real reason... by scruffy · · Score: 4, Insightful

    In addition, Microsoft doesn't hold any patents on those algorithms, and they have open specifications.

  5. Re:I'm not sure but.... by leuk_he · · Score: 5, Insightful

    Yep, which means you have to upgrade to a supported OS to be able to connect to Vista? Since Win2000 is not supported they won't be upgraded and they cannot connect to Vista.

    Upgrade in the name of security!

    Or you can go deep down in Vista and enable an option for OLD/deprecated NTLM support, giving you many popups about your OS not being safe WARNING WARNING WARNING!

  6. Re:AES & SHA256 are young by Thuktun · · Score: 4, Insightful

    There's already a crack for AES.. check the archives.

    I wouldn't call it a crack, more of a theoretical vulnerability. When the attack's complexity exceeds the number of atoms in the universe, it doesn't seem much like a "crack".

  7. Re:Automated checking by jmulvey · · Score: 3, Insightful

    I totally agree. Compare Microsoft's reaction to security problems with what has happened in the *nix world with NFS and NIS.

    NIS is the biggest, steamiest pile of insecurity ever conceived... and NFS is built right on top of it. But nobody ever screams and yells on Slashdot about how insecure it is... I guess because it was developed by people who didn't work for the "evil empire".