SHA-2 and OS 10.8.5

Similar Messages

• Three tier PKI - support both SHA-1 and SHA-2

  Hey guys,
  We're about to implement a new three tier PKI - root, intermediate and Issuing CA's... is it possible to have the root and intermediate configured as SHA-1, and have multiple Issuing CA's - some SHA-1 and some SHA-2, or do the SHA-2 Issuing CA's need to
  be signed by SHA-2 certificate chain?
  Thanks in advance

  I agree with Vadims - if you can start from scratch now I would recommend setting up different hierarchies with consistent algorithms.
  The mixed scenario you propose would be sort of trade-off for existing PKIs - I had related discussions with some clients of mine:
  If you have to meet SHA-2 as per compliance / security guidelines but your Root CA processes are complicated, expensive, you use HSMs at the Root level (but there is no budget / time to install another one) etc., then adding a SHA-2-capable issuing CA to
  an existing hierarchy is a first step and might meet your different requirements.
  Then you can start moving over all existing templates (and related apps.) to the new CA. If you are 100% sure that all your apps would support SHA-2 you could probably "upgrade" the Root CA by renewing it with a modified hash algorithm.
  But you never know if you will have to support another PKI-enabled application or device in the future (some embedded system for example) that does not understand SHA-2 so you might want to keep the alternative SHA-1 hierarchy.

• Adobe reader x, and win7, sha-1 instead of sha-256

  Good afternoon,
  i have a problem similar to that posted at
  http://forums.adobe.com/message/3707345
  i try to sign the pdf (enable for signing with adobe livecycle ES, Right Managements)
  but it always is signed with hash algorithm SHA-1
  The hardware vendor of the smartcard, says that the problem is an adobe problem, because signing the file with its legacy software all works fine, and with its software the digest is SHA-256 (but the produced file is obviously not a signed pdf..)
  For italian law the supported digest is SHA-256, and NOT SHA-1
  I'm using the latest adobe reader version (10.1) and Win7
  P.S.: adobe livecycle, enabling the pdf for signing with livecycle Right Management Service, put a sign with an adobe certificate and returns a pdf ready to be signed, and in this pdf the adobe sign is SHA-1
  could be this the problem?
  So, before signing the pdf it just contains an adobe SHA-1 sign (coming from livecycle web service)
  With regards

  Hi GP,
  It's the smart card (or more correctly the software on the smart card) that is the bottleneck to getting to SHA-256. Here's what happens:
  NOTE: When I say Acrobat I really mean both Acrobat and Reader
  •    The user initiates the signing operation
  •    Acrobat asks the user to pick a digital ID
  •    The user select a digital ID from the drop-down list on the Sign Document dialog and then clicks the Sign button
  •    Acrobat needs to write the file to disk for security purposes (another issue) and puts up the Save As dialog
  •    The user selects a file name and save location and Acrobat writes the file to disk and it's at this time two things happen:
      o    The signature appearance is created so it can be part of the signed data (what you see in the signature field is not the signature, but rather a pictorial representation of the signature)
      o    A hole is created in the file and filled with zeros as a place holder where the actual signature will be written
  •    Acrobat computes the digest over the file, excluding the hole filled with zeros. By default Acrobat is using the SHA-256digest method
  •    Acrobat needs to get the digest encrypted (signed) by the private key associated with the signers digital ID
      o    If Acrobat has access to the private key it calls on the RSA library to do the encryption,
      o    If Acrobat doesn't have access to the private key it sends the SHA-256 digest to the software that does have access to the private key... In your case that's the cryptographic software residing on the smart card
  •    It's up to the cryptographic software to feed the 32 byte SHA-256 digest into its encryption algorithm and have the private key encrypt the digest
  •    The software on the smart card cannot handle a digest as large as 32-bytes, so it returns an error
  •    In Acrobat 9.0.0 and earlier once the error message was returned the signing process was aborted and signature did not get created. Starting with version 9.1 if a PKCS#11 (the specification for smart cards) error is returned  Acrobat falls back to re-computing the digest using SHA-1 and starts the process again. It's here where the smart card software is getting the 20-byte SHA-1 digest and can get it encrypted using the private key.
  •    Once the encrypted SHA-1 digest (this is really the digital signature) is computed the smart card sends it back to Acrobat
  •    Acrobat in turn writes the signature into the hole it created in the PDF file, overwriting the zeros with actual hex values.
  And that’s how you get a digital signature based on the SHA-1 digest method. If you absolutely need to use SHA-256 your only option is to get a newer smart card that can handle the larger digest.
  Steve

• How to enable SHA-2 hashing algorithm support on windows 7

  Hello All,
  Please suggest how to invalidate SHA-1 and MD5 algorithm on windows 7 and how to enable SHA-2.
  As suggested by Microsoft, regarding the availability of SHA-2 hashing algorithm, security update KB2949927 is installed on windows 7.
  Thank You

  Hi,
  Please check if you have installed the below mentioned update:
  http://support.microsoft.com/kb/2973337/en-us
  After installing this update, SHA512 is enabled for TLSv1.2.
  IE shall also be using TLS internally. Hope that should resolve your problem.
  Please refer to the below link for a similar discussion and its solution posted there:
  https://social.technet.microsoft.com/Forums/office/en-US/857c6804-8ce1-4f09-b657-00554055da16/tls-12-and-sha512?forum=winserversecurity
  (Please mark as answer if it resolves your issue. Please upvote if it is helpful.)
  Regards,
  Rajesh

• Provider for VIA's x86 hardware RNG and AES

  Hello.
  For those who are running Java (under Windows or Linux) on a modern VIA processor, you might be interested in downloading this provider, which uses the hardware for true random number generation and AES encryption/decryption.
  Depending on the data size, encryption mode, and processor, AES encryption is 15 to 90 times faster than the default Sun provider.
  The provider is free and can be downloaded here: http://www.viaarena.com/default.aspx?PageID=22&DSCat=162&DCatType=1
  A forthcoming version will add support for the newest security features of the processor, hardware SHA-1 and SHA-256 and hardware Montgomery Multiply.
  Kevin

  Nope, that doesn't work either.
  For what it's worth, I always got the "Unknown Card-Ids" message, even with the Testing version of Xorg 7, and with Xorg 6.8.2 - and AGPDMA works perfectly for both of those.
  Now, I tried doing X -configure to create the config file and not getting rid of the vendor/model "information":
  VendorName "Unknown Vendor"
  BoardName "Unknown Board"
  That gets rid of the "failed to initialize ring buffer" error, but AGPDMA is still not enabled:
  Current Operating System: Linux localhost 2.6.16-ARCH #1 SMP PREEMPT Wed Apr 12 18:59:19 CEST 2006 i686
  (WW) warning, (EE) error, (NI) not implemented, (??) unknown.
  (II) Loading extension MIT-SCREEN-SAVER
  (EE) VIA(0): Unknown Card-Ids (1565|1200), report this to the driver maintainer ASAP
  (EE) VIA(0): [drm] drmAgpAcquire failed 1023
  And now, here's something I should have noticed a while ago... Check out these (edited for clarity) screenshots of xorgcfg in textmode:
  In Xorg 6.8.x, VIA cards were listed where the red line is pointing. Now they're not listed there, or anywhere in xorgcfg.
  Likewise, the "via" driver is simply not listed; again, it was in Xorg 6.8.x, even after the installation of the necessary DRI snapshots for VIA hardware.
  Note that the above is observable with any of the available Unichrome drivers installed - xf86-video-via, xf86-video-unichrome, and xf86-video-openchrome all produce the same results.
  Also, I can't confirm this for xorgcfg's graphical mode, for the simple reason that the graphical mode just crashes:
  [root@localhost ~]# xorgcfg
  Warning: Cannot convert string "menu10" to type Pixmap
  Warning: Cannot convert string "menu10" to type Pixmap
  Can't create rules structure
  Think this strange stuff has any bearing on the AGPDMA situation?

• EIGRP SHA Authentication for Cisco ASA

  Hi,
  I was just wondering if anyone knew if Cisco was going to implement EIGRP SHA authentication in to the ASAs? My organization is migrating from classic to named EIGRP for SHA authentication and right now I'm stuck at the ASA's. Static routing everything just to remove MD5 authentication doesn't sound very fun, if you know what I mean. :)
  Thanks!

  Hello Mohammad,
  I would recommend you to advertise them via EIGRP, better funcionality, escalability,etc,etc,etc.
  Regards

• Remote access certificate authentication: moving from sha-1 to sha-2

  We have an ASA5520 supporting remote access clients using anyconnect; currently the environment is leveraging certificates using the sha-1 hash.      Our CA will no longer be deploying certificates with sha-1 and new users will be getting certificates with sha-2.  My question is in regard to migrating to the use of new certificates using sha-2.
  Will we need to deploy new certificates on the ASA and/or legacy clients, or will we be able to support clients with both hashes with no change?
  Any information you can offer will be appreciated.
  Per

  That depends on the CA. Many CAs give you the choice between SHA-1 and SHA256 when you submit your CSR.
  For other CAs like StartSSL, the used hashing is the same as the one used for the CSR. In that case you have to generate the CSR manually with openSSL or something similar.

• What changes are needed to have iDS 5.1 support SHA instead of SSHA as the default ?

  We have an application that ONLY supports SHA passwords
  and when we upgraded from iDS 4.16 to iDS 5.1 it doesnt
  work any more. Looking further, iDS 4.16 supported SHA
  as the default for password storage and iDS 5.1 supports the more secure SSHA as its default.
  Is there a way that we can specify what accounts use
  SHA versus SSHA ? If not, how do you configure iDS 5.1
  to support SHA as its default ?

  Hello, I read your response and I have a slightly different problem. I have set up a LDAP on Iplanet 5.1 and imported users from our old 4.x directory. When I did this everyone was added with their existing SHA hashed password.
  Now any new users that we have been adding have been loaded to the directory whit an SSHA hased password. This has caused a problem with some of our applications that require an SHA hashed password.
  I know where I can reset the default password hashing for the LDAP, but is there a way I can convert the passwords for the few hundred users that we entered before figuring this out from the SSHA hashed password to the SHA hashed password? I tried to do this via an LDIF import and when the LDIF file contained a userpassword value that began with {SSHA}, that is the way it was imported.
  Is there a way to have the IPlanet LDAP do this? Or write a simple program to do this? We don't want to have each one of these users have to enter a new password and then have the LDAP server encrypt it, we would rather just take the existing SSHA hashed password and convert it to an SHA hashed password. Is this possible?
  Any help would be greatly appreciated.
  Thanks

• Md5's time has come and gone.

  --MD5 Hashing Algorithm Flawed
  (28 January 2005)
  Security researchers are warning that the MD5 hashing algorithm, which
  is used by two of the three major content addressed storage system
  vendors, is flawed.  MD5 has reportedly been decertified for secure
  operations by NIST since at least 1998.
  http://www.computerworld.com/printthis/ … 31,00.html
  [Editor's Note (Tan): So far the MD5 collision is only on two 1024-bit
  messages (http://eprint.iacr.org/2004/199.pdf), but this is sufficient
  to prove that it is not 100% reliable. It will be good to start
  considering using a larger hash function. In fact, NIST plans to phase
  out SHA-1 in favor of SHA-224, SHA-256, SHA-384 and SHA-512 by 2010
  (http://csrc.nist.gov/hash_standards_comments.pdf).
  (Schneier): As the article says, the idea that there are flaws in MD5
  is nothing new.  It really is time and past for vendors to stop using
  it.]
  from: SANS NewsBites--Feb. 2, 2005--Vol. 7, Num. 5
  I realize that I am Mr. Security-Nutcase-stickler-uptight, but I think arch should move away from md5 towards SHA-256. md5 has been known to not be cryptographically secure for some time now. I think steps should be taken for migration...

  extra length does not necessarily ensure a better hash.
  Hashing algorithms are big voodoo, lots of "tricks" to try to chop down to the bits specified.
  Anyway, back to your statement. md5 outputs a 128 bit hash result. sha1 outputs a 160 bit result. md5 has been shown to have collisions. sha1 has so far not (the full 80 round version. A simplified 30 round version was shown to have some weakness).
  Sha1 can address...
  *counts on fingers*
  2^160..
  according to the "birthday" algorithm (heh..that is the only way I can remember it) you would only need approx 2^80 to find a collision (half the address space).
  sha-256 is of course, a 256 bit outputting hash.
  So with sha-256 (if it is "secure", and so far it appears to be so), you would need..
  2^128...aka a big damn number.
  That is, of course, if you are simply doing exhaustive searches for collisions. I believe there was some issue with md5, some trick if you will, that allowed them to theoretically reduce the address space further than 2^64.
  But, as I said, this is likely a non-issue for a couple more years. Still, it would be nice to be the first distro to move off of md5, because eventually, everyone will have to do so.

• Which SHA hash algorithm is DS 5.1 using?

  i'm trying to find out whether DS 5.1 uses the SHA-1 (160 bit) or the SHA-256 (256bit). i'm using coldfusion to query the directory and in order to compare password given by the user with the one stored in the directory i should hash the given password. coldfusion (a library, it's not a default function) has two differnt hash algorithms SHA-1 and SHA-256, which one should i use?
  ioanna

  DS uses SHA-1 (160 bit). And I'm not sure what you are proposing will work. I think you need the salt to generate the hash. Why do you need to compare the password outside the directory? You might be able to use the LDAP compare operation.

• SHA-1, replace with SHA-2 Certificates

  Does anyone know anything about the impact or plans for BC concerning SHA-1 and SHA-2 certificates? Google and Microsoft plan to change their browsers regarding certificates. And this may impact payment gateways.
  Our clients have started to receive notifications from their payment gateway providers that they must update to SHA-2. From what I have read, this stems from a problem with SSLv3.0 (POODLE - "Padded Oracle" exploit). SSLv3.0 support will be disabled I understand. I assume that this will concern BC payment gateways. Could the Adobe BC team comment on this please? Thanks!

  Hi Simon,
  We are committed to use latest security standards, we constantly review policies and try to accommodate latest certificate standards and other security measures or updates. The SHA-1 certificate is not related to the Poodle vulnerability, and as Liam mentioned, we're not affected by the Poodle vulnerability: Authorize.net SSLv3 shutdown, Poodle vulnerability - BC is not affected
  Thanks,
  Florin

• Replacing SHA-1 certificate with SHA-2

  We have a certificate that needs to be replaced. It is currently SHA-1, and we wish to replace it with SHA-2. We created a new certificate request and have received the replacement. The Root certificate remains the same; we now have two intermediates, instead
  of the one for SHA-1; and we have a new certificate with the same CN. Server is running Windows Server 2008 R2 and IIS 7.5.
  Should I remove the existing intermediate and server certificates before adding the new ones?
  Can the two intermediate certs be imported in a single file, or do I need to import them individually?
  Thanks,
    John

  Thanks for the quick response.
  Our security group gets the certificates, we put in a ticket with the csr text. That team is far more conversant with the LAMPS infrastructure, not so much with IIS. What comes back is the CA Root, CA Intermediate (in this case 2, with SHA-1 it was a single
  file) and the CA Server cert. I was advised to generate a new csr, rather than a renewal, since we would be changing to SHA-2.
  Since the root certificate has not changed (I can only assume that it is still sha-1 2048), and the server cert is issued for the same name, I was concerned that the current intermediate certificate might munge up the chain somehow. I was planning to remove
  the old server cert and intermediate and then load the new ones. It seems the most prudent course of action.
  With regard to loading the two intermediate files as one file, that is how they recommend doing it with keytool, when loading the keystore for Apache, Tomcat, or Jetty.
  So I saw the link to your article on SHA-1 deprecation policy AFTER having gotten the new certificates...
  If I ran certutil and set it to use SHA256 as the default, am I to understand that a renewal request would have generated a SHA-2 request? Would it replace all the CAs from the root down?
  Cheers.

• How can I restrict one stream per user?

  Hello!
  I have made a mp3-streamer in flash. Users must log on to a
  web page in order to access my player. If one user logs in once
  it's all OK. The problem occurs if a user "share" his account with
  multiple others and log in twice (or n-times). Now I have no
  control on how many users that can log onto the system.
  I'm looking for a solution where for instance the first one
  who logs in gets to play the stream, and all others that log into
  the same account are refused access to streaming. I'm not a
  back-end programmer, so I hope this is something that can be solved
  using FMS. Is there a known working solution to this problem or
  some features on FMS that can lock streaming to the first user.
  I've tried sending in the username, however if user#1 stops
  the stream user #2 is able to take over the stream, so now user # 1
  is refused the stream.
  Trond

  FMS does support connections to web services, and can make
  http requests in a number of ways. I like to use remoting, but you
  can also use loadVars, XML or an XML Socket connection. The best
  approach will be dictated by the services you need to connect to.
  For remoting, you want to look into netservices.asc , and you can
  find some examples/tutorials at flash-db.com
  About your scenario
  1) Player sends a ticket (SHA or something)
  The client (.swf would pass this data to FMS in the
  netconnection.connect() argument.
  2)FMS runs a remote call and verifies the ticket <-This is
  the problem
  No problem here. All you need to do is have your FMS app make
  the request of the authentication server (based on the token value
  provided in the client's connect request) before accepting the
  connection. See the docs for application.onConnect()
  3a) User already online? (Hmm forgot to turn off your player?)
  ..disconnect connection and give new connection to same user
  Here's the part you'll need some new structure for. You're
  going to need to be able to reference other clients that are logged
  in under the username of the new client. When a client connects, a
  corresponding client is stored in the application's clients[]
  array, but it's up to you to add your own variables to each client
  object so you have something to reference them by in your
  functions. The really cool thing is, once you have a means of
  picking the client out of the list, FMS auto-resolves to the client
  itself, and you can target the client with other functions.
  Take this server side code for example
  application.onConnect = function (clientObj, userName){ //
  Username was passed in the client connect() argument
  clientObj.userName = userName
  Now the username is a variable in the client object. To find
  a client with a specific user name, you just need to loop through
  the application.clients array and look for a match:
  function checkForUsername(name){
  for (x = 0; x < application.clients.length; x++){
  if (application.clients[x] .userName== name){
  // match found, do something about it. If we want to dump the
  old user, we might do this
  application.disconnect(application.clients[x]);
  Of course, this is only one approach, but it's about the most
  straighforward method I can think of.
  In the case of your app, I suggest you send two values to the
  FMS app in the client connect() argument... an SHA token, and the
  username. You'll use the username for checking user conflicts, and
  the SHA to verify the session (this should be a one time thing...
  the token expires after a single use)
  Hope it helps.

• Java Card 2.2.2 draft is out for public review

  A draft for the upcoming release of the Java Card Specification is available for public review.
  The Java Card 2.2.2 Specification will provide numerous enhancements to the award-winning Java Card platform. In particular it will include specific support for contactless communication and ID cards :
  * enhancements to ease the management and increase interoperability of contactless cards.
  * additional cryptography and security features
  * utility APIs for memory-efficient applet development
  Java Card technology v2.2.2 is ready for the next generations of smart card standards, and is fully backward-compatible with previous versions.
  New features in Java Card 2.2.2 :
  * Utility APIs for TLV, BCD, short, int
  * ISO7816-based Extended length APDU support
  * Support for up to 20 logical channels
  * External memory access API
  * Multiple Interfaces management
  * Additional cryptography algorithms : HMAC-MD5, HMAC-SHA1, SHA-256 and Korean Seed
  * Signature with message recovery
  * Partial message digest
  * Standardized Biometrics API
  Please direct your comments on this draft at [email protected] Feedback received before December 15th will be considered for the final version of the specification. For more information on the Java Card Platform Specification v2.2.2, Public Review Draft, refer to the release notes on http://java.sun.com/products/javacard/RELEASENOTES_jcspecsp.html

  The Installer and the Applet Deletion Manager are implemented in the JCRE and GlobalPlatform. On-card the Card Manager manages the content management, communication and the related security. JCRE specifies how it has to handle installation and deletion, but leaves room for different implementations. To the outside world, on a GP card, the Installer/ADM is the Card Manager with a specific AID.
  Installer and ADM are optional. For instance a Java Card Static product does not need an Installer/ADM.
  JCOP cards have the Installer/ADM fully implemented. It uses the GP functionality. The CM has to be selected to install or delete a package/applet.

• Error connecting to Content Server

  Hello,
  we are in the process of upgrading ERP6.0 EHP5 to EHP6 which is also an upgrade to NW702 to NW731. We made a system copy of the productive system and called it XXX and did all the post-systemcopy works that need to be done including creating the System PSE. We connected this XXX system to the Content Server and created new respositories and send the certificates to the CS. Everything was working fine. This wall still on NW702
  After the upgrade we get errors like:
  When trying to read/save a file, this error comes up:
  X-ErrorDescription: "Security SsfVerify failed rc=5, lasterror=1, This key
  type is not supported, PSE=\\?\E:\Program Files\SAP\Content Server\Security
  \<REPOSITORYNAME>.pse,"
  When accessing the CSADMIN via OAC0, the password windows opens and at the bottom the  Error "http 401 (unauthorized) Permission denied: adminContRep&configGet" occurs.
  I tried sending the certificate again-> still error
  I tried to delete the .certs and .pse files in ContentServer\security as suggested in note 1800664-> still error
  There was an old note saying that the CS needs to be patched because secude.dll is too old but even the latest patch only has the secude.dll from 2009 and there is no update. (At least I couldn't find any, probably because it is sapcrypto now)
  We are using CS Patch 17. Since everything was working before, I do not see the reason to deploy a new patch.
  The system PSE was created with algorithm RSA with SHA-1 and 2048 byte.
  Does anyone have an idea what to try next?
  Regards
  Andreas

  Hi Andreas,
  Have you registered content server port number 1090. check in services if not registered
  Please follow below steps.
  1.In 'Administrative Tools' open 'Windows Firewall with Advanced Security'
  2.Right click over 'Inbound Rules' and select 'New Rule...'
  3.In the Rule Wizard select 'Port' and click on 'Next'.
  4.Enter the port number you set for the Content Server, the default port is 1090,
  and click 'Next'.
  5. Select 'Allow the connection' and click 'Next'.
  6. Select the Profile for your network and click on 'Next'.
  7. Enter the name of rule, e.g. 'Content Server' and click on 'Finish'
  Hope that maintained host file also.
  Regrads,
  chandu.