This archive is retained to ensure existing URLs remain functional. It will not contain any emails sent to this mailing list after July 1, 2024. For all messages, including those sent before and after this date, please visit the new location of the archive at https://mailman.ripe.net/archives/list/db-wg@ripe.net/
[db-wg] MD5s of the RIPE database, Deprecation of MD5 and safe authentication methods
- Previous message (by thread): [db-wg] MD5s of the RIPE database, Deprecation of MD5 and safe authentication methods
- Next message (by thread): [db-wg] MD5s of the RIPE database, Deprecation of MD5 and safe authentication methods
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Pierre Kim
pierre.kim.sec at gmail.com
Wed May 6 21:23:41 CEST 2015
Dear Piotr, Thank you for this document. I didn't know you proposed to change the hashing algorithm in 2010. Currently, passwords are encrypted by default to MD5 in the RIPE database. Using passwords is not safe because the MD5 hashes were distributed and are prone to collision attacks. Using an other cryptography hashing algorithm to encrypt passwords is an interesting solution and can be the easiest migration solution. Regards, On 5/6/15, Piotr Strzyzewski <Piotr.Strzyzewski at polsl.pl> wrote: > On Wed, May 06, 2015 at 06:20:50AM +0900, Pierre Kim wrote: > > Dear Pierre > >> I was hoping that RIPE will either : >> - deprecate MD5 in profit of stronger authentication methods. > > Did you mean MD5 or passwords? > > Making MD5 obsolete was proposed in 2010 during the RIPE61. > My short presentation on this topic could be foung here: > http://ripe61.ripe.net/presentations/349-better_security_for_maintainers.pdf > > Best regards, > Piotr > > -- > gucio -> Piotr Strzyżewski > E-mail: Piotr.Strzyzewski at polsl.pl > -- -- Pierre Kim pierre.kim.sec at gmail.com @PierreKimSec https://pierrekim.github.io/
- Previous message (by thread): [db-wg] MD5s of the RIPE database, Deprecation of MD5 and safe authentication methods
- Next message (by thread): [db-wg] MD5s of the RIPE database, Deprecation of MD5 and safe authentication methods
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
[ db-wg Archives ]