We support Microsoft .NET Framework 2.0 & 1.1, all versions of Access, SQL 2000, SQL 7.0, SQL 2005 Express, SOAP, FrontPage 2002, 2003, Visual Studio 2005, Index Server, XML, UDDI, & Mobile device support. We also offer great third party tools like SmarterMail, Merak Mail, SmarterStats, PHP, Perl, MySql, DeepMetrix Livestats XSP 8.0.   We support Microsoft .NET Framework 2.0 & 1.1, all versions of Access, SQL 2000, SQL 7.0, SQL 2005 Express, SOAP, FrontPage 2002, 2003, Visual Studio 2005, Index Server, XML, UDDI, & Mobile device support. We also offer great third party tools like SmarterMail, Merak Mail, SmarterStats, PHP, Perl, MySql, DeepMetrix Livestats XSP 8.0.
 Saturday, September 17, 2005
Microsoft Scraps Old Encryption

The Redmond, Wash., software company instituted a new policy for all developers that bans functions using the DES, MD4, MD5 and, in some cases, the SHA1 encryption algorithm, which is becoming "creaky at the edges," said Michael Howard, senior security program manager at the company, Howard said.

MD4 and MD5 are instances of the Message Digest algorithm that was developed at MIT in the early 1990s and uses a cryptographic hash function to verify the integrity of data. "Eweek article"

While Bruce Schneier, and other experts in the field outlined the end of MD5.  It appears that MS is at least listening to some degree. Though one would think they would be on the edge at least they are not ignoring this. Seems that scraping SHA1 is also in their best interest as well.

The next and more serious question is what about all the exsisting use, that is in production. Is the problem so serious that we cannot get beyond it? As I have stated I am certainly no crypto expert. It seems a fair question, and is some cause for concern.

Dev
9/17/2005 8:07:46 AM (Pacific Daylight Time, UTC-07:00)  #    Disclaimer  |  Comments [0]  | 
Related Posts:
EGroupware
Microsoft and Iron Ruby
SQL injection
Synchronize Mysql data with php
IE 8 passes ACID2 test
SQL Speed Tip