[ntpwg] Fwd: NIST's policy on Hash Functions
Danny Mayer
mayer at ntp.isc.org
Tue Jul 8 11:45:30 UTC 2008
I'm forwarding this note from a different mailing list on deprecating
MD5. Since NTP uses MD5 we may need to consider this for various parts
of NTP that makes use of hash functions.
Comments?
Danny
PS: NIST'S POLICY ON HASH FUNCTIONS
March 15, 2006: *The SHA-2 family of hash functions (i.e., SHA-224,
SHA-256, SHA-384 and SHA-512) may be used by Federal agencies for all
applications using secure hash algorithms.* Federal agencies *should*
stop using SHA-1 for digital signatures, digital time stamping and
other applications that require collision resistance as soon as
practical, and must use the SHA-2 family of hash functions for these
applications after 2010. After 2010, Federal agencies may use SHA-1
only for the following applications: hash-based message authentication
codes (HMACs); key derivation functions (KDFs); and random number
generators (RNGs). Regardless of use, NIST encourages application and
protocol designers to use the SHA-2 family of hash functions for all
new applications and protocols.
(from http://csrc.nist.gov/groups/ST/hash/policy.html,
I've enclosed emphased words in the original by **)
More information about the ntpwg
mailing list