Slashdot Mirror

← Back to Stories (view on slashdot.org)

Preparing To Migrate Off of SHA-1 In OpenPGP

Posted by kdawson on from the orderly-fashion dept.

jamie found a note on debian-administration.org, the first in a promised series on migrating off of SHA-1 in OpenPGP. "Last week at eurocrypt, a small group of researchers announced a fairly serious attack against the SHA-1 digest algorithm, which is used in many cryptosystems, including OpenPGP. The general consensus is that we should be 'moving in an orderly fashion toward the theater exits,' deprecating SHA-1 where possible with an eye toward abandoning it soon (one point of reference: US govt. federal agencies have been directed to cease all reliance on SHA-1 by the end of 2010, and this directive was issued before the latest results). ... So what can you do to help facilitate the move away from SHA-1? I'll outline three steps that current gpg users can do today, and then I'll walk through how to do each one..."

2 of 152 comments (clear)

  1. What's this "Off of" by Anonymous Coward · · Score: 0, Offtopic

    "Off of"

    Are we in grade school?

  2. Singularity? by Sybert42 · · Score: 0, Offtopic

    Is this very useful for Singularity-related research? There's a generally open-atmosphere (with Opencog spun off from Novamente), and realization of the stakes involved.