Difference between revisions of "SHA-1 (deprecated)"

From wikieduonline
Jump to navigation Jump to search
 
(8 intermediate revisions by 2 users not shown)
Line 1: Line 1:
[[wikipedia:SHA-1]]
+
[[wikipedia:SHA-1]] is deprecated
 +
 
 +
== Status ==
 +
* Disabled in [[OpenSSH 8.8]] September 2021
 +
* Not supported in [[Terraform changelog|Terraform]] since 1.2 (May 2022)
  
 
== Attacks ==
 
== Attacks ==
 
[[Certificates]] are at special risk to the aforementioned [[SHA1 collision]] vulnerability as an attacker has effectively unlimited time in which to craft a collision that yields them a valid certificate, far more than the relatively brief [[LoginGraceTime]] window that they have to forge a host key signature.
 
[[Certificates]] are at special risk to the aforementioned [[SHA1 collision]] vulnerability as an attacker has effectively unlimited time in which to craft a collision that yields them a valid certificate, far more than the relatively brief [[LoginGraceTime]] window that they have to forge a host key signature.
 +
 +
== Related ==
 +
* [[BLAKE2s]] [[Linux Kernel 5.17]]
  
 
== See also ==
 
== See also ==
 
* {{sha}}
 
* {{sha}}
 +
* {{OpenSSH}}
  
 
[[Category:Security]]
 
[[Category:Security]]

Latest revision as of 06:21, 31 August 2022

wikipedia:SHA-1 is deprecated

Status[edit]

Attacks[edit]

Certificates are at special risk to the aforementioned SHA1 collision vulnerability as an attacker has effectively unlimited time in which to craft a collision that yields them a valid certificate, far more than the relatively brief LoginGraceTime window that they have to forge a host key signature.

Related[edit]

See also[edit]

Retrieved from "https://www.wikieduonline.com/index.php?title=SHA-1_(deprecated)&oldid=173227"

Advertising: