Slashdot Mirror


Microsoft Drops Aging Encryption Schemes

christchurch wrote to mention an Eweek column about Microsoft's decision to stop using DES, MD4, and MD5 for encryption in Vista. From the article: "All three algorithms show signs of 'extreme weakness' and have been banned, Howard said. Microsoft is recommending using the Secure Hash Algorithm (SHA)256 encryption algorithm and AES (Advanced Encryption Standard) cipher instead, he said. The change is part of a semi-yearly update to Microsoft's Secure Development Lifecycle policies by engineers within Microsoft's Security Business & Technology Unit."

14 of 199 comments

  1. Allowed by US Gov? by guruevi · · Score: 4, Interesting

    Is that even allowed by US Gov. to export that to other countries? I thought that there was a limit of encryption and everything above ...bits was banned from exporting (remembering 56-bits encryption Windows NT).

    --
    Custom electronics and digital signage for your business: www.evcircuits.com
  2. I'm not sure but.... by amodm · · Score: 5, Interesting

    Wasn't NTLM slightly based on/uses DES? If that's the case, then does it mean that they are changing the algo used in SAM too?

  3. Re:The real reason... by frankthechicken · · Score: 3, Interesting

    I actually think the real reason could be pure marketing.

    Windows no longer uses the insecure encryption that certain other OS' use, upgrade your security now, upgrade to Vista.

    A classic quote to appeal to the PHB's and their ilk.

  4. Re:one down, one to go by Anonymous Coward · · Score: 1, Interesting

    I remember that one. The data they "predicted" was found in analytical ways, meaning "predicted" was not really a good word to use. Plus the mass amount of data they had to shove onto the end was crazy. Wake me when they can attach executable code to any section of a program.

  5. well good. It's about time. by dAzED1 · · Score: 3, Interesting

    Anyone that disagrees that removing these "encryption" methods is bad, is obviously just a troll. /sarcasm

    Ok, question: what does Windows use hashes for, other than the updater (if even that)? Can't the updater just change what it supports, and leave the other hash tools alone?

    How about some real security enhancements, Gates?

  6. Re:ROT13 by Anonymous Coward · · Score: 5, Interesting

    It wasn't banned for XP. Check out HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist to see for yourself.

  7. Doh ... by BlueTrin · · Score: 3, Interesting

    Anyway they can use whichever algorithm they want ... bad implementation/planning is the cause of their security holes.

    Soon in Vista, 120xDES and AES implemented as default algorithms but windows media player will run any command sent remotely ...

    --
    Don't you know it is now both immoral and criminal to think beyond the next quarterly report?
  8. Firefox already supports AES/256 by Bert64 · · Score: 2, Interesting

    Firefox and other Mozilla-based browsers already support 256-bit AES encryption for SSL websites, as does Apache.
    On the other hand, IIS and IE support nothing stronger than 128-bit RC4, so by dropping RC4 they will lose compatibility with older versions of their own products, but maintain compatibility with their competitors.

    --
    http://spamdecoy.net - free throwaway anonymous email - avoid spam!
  9. AES & SHA256 are young by mjh · · Score: 3, Interesting

    These are newcomers. Shouldn't that give us some pause as to how much we should rely on them? Yes they've been well studied. But compare AES with DES. It's been around forever and the only weakness that we know of is keylength. Do we really have enough exposure to the "new guys" to put confidence in them to switch everything to them?

    --
    Key to financial independence: Spend less than you earn. Save and invest the difference. Do it for a long time.
  10. HTTP Digest by hey · · Score: 4, Interesting

    MD5 is used in the HTTP digest authentication.
    I hope they'll still support that!

    1. Re:HTTP Digest by HermanAB · · Score: 2, Interesting

      Only flagged in new code.

      Presumably MS hasn't changed that part of IE since version 1 and it will stay that way.

      --
      Oh well, what the hell...
  11. Expired SHA by Anonymous Coward · · Score: 2, Interesting

    Could this be due to the patent on SHA having expired? And NSA wants to keep control of all things being crypted?

  12. Re:one down, one to go by cpeikert · · Score: 2, Interesting

    As far as I am aware, predicting a md5 collision has not been done.

    I don't know what you mean by "predicting," but yes, concrete MD5 collisions exist. I.e., two files, with different contents, that have the same MD5 hash (and the same size, to boot). They are printed in the paper that first announced the MD5 break. Further work has shown that additional collisions can be generated at will in minutes on a common laptop computer.

  13. Re:is MD4/5 really encryption ? by jafac · · Score: 2, Interesting

    So - then it doesn't matter if the hash algorithm is breakable? Since the hash gets encrypted? Or can the "broken" hash be used as a shortcut to attack the encryption?

    --
    These are my friends, See how they glisten. See this one shine, how he smiles in the light.