December 31

Brexit Deal Mandates Old Insecure Crypto Algorithms

Cryptography

0  comments

This post was originally published on this site

In what is surely an unthinking cut-and-paste issue, page 921 of the Brexit deal mandates the use of SHA-1 and 1024-bit RSA:

The open standard s/MIME as extension to de facto e-mail standard SMTP will be deployed to encrypt messages containing DNA profile information. The protocol s/MIME (V3) allows signed receipts, security labels, and secure mailing lists… The underlying certificate used by s/MIME mechanism has to be in compliance with X.509 standard…. The processing rules for s/MIME encryption operations… are as follows:

  1. the sequence of the operations is: first encryption and then signing,
  2. the encryption algorithm AES (Advanced Encryption Standard) with 256 bit key length and RSA with 1,024 bit key length shall be applied for symmetric and asymmetric encryption respectively,
  3. the hash algorithm SHA-1 shall be applied.
  4. s/MIME functionality is built into the vast majority of modern e-mail software packages including Outlook, Mozilla Mail as well as Netscape Communicator 4.x and inter-operates among all major e-mail software packages.

And s/MIME? Bleah.

About the author 

Agent 86

Maxwell Smart, agent 86, is CONTROL's top spy (except for Bannister) and, later, the Chief of CONTROL.

You may also like

On the Evolution of Ransomware

On the Evolution of Ransomware

Russia’s SolarWinds Attack

Russia’s SolarWinds Attack

VMware Flaw a Vector in SolarWinds Breach?

VMware Flaw a Vector in SolarWinds Breach?
{"email":"Email address invalid","url":"Website address invalid","required":"Required field missing"}

Subscribe to our newsletter now!