Wednesday, April 22, 2009

Using SHA-1 as message digest algorithm instead of MD5

In light of a comment dropped by T.Rob on my previous post "A First Look at using MQ with SSL", I did some rough browsing on MD5 vulnerabilities and would like to share some of the links here.

Tim Callan's SSL Blog

SearchSecurity - VeriSign addresses MD5 flaws

Wiki - MD5

MD5 considered harmful today

The truth about the new attack on MD5 signatures

I guess for development purposes it's OK to use an MD5-based fingerprint/digital signature. We should now avoid using MD5 for critical application-level hashing to prevent potential security issues. SHA-1 is apparently a better choice now, even though it is theoretically vulnerable to the same issue, albeit one that requires significantly more processing power to pull off.

Note that the iKeyMan GUI, runmqckm (MQ 6.0) and the Java keytool program use MD5 as the default signing algorithm.

For Java keytool, you can pass the -sigalg SHA1withRSA option when generating the key pair to override the default.

For strmqikm and runmqckm (MQ 7.0 uses SHA-1 by default; check here), you can use GSKCapiCmd instead, because it accepts -sigalg sha1 to select the SHA-1 algorithm.
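Whichever tool minted the certificate, the way to confirm which algorithm actually ended up in it is to read the signature algorithm out of the DER. The following is an added example of my own (not code from the post, from IBM's tooling or from the Java keytool) that parses a DER-encoded X.509 certificate, such as the output of keytool -exportcert, and reports the algorithm OID from both places it appears: the tbsCertificate.signature field and the outer signatureAlgorithm field, which RFC 5280 requires to be identical. It uses only the Python standard library, so it verifies no signature; the sample input is a constructed certificate skeleton carrying only the fields the check reads (no issuer, subject, validity or public key, and a zero-filled BIT STRING instead of a signature), and the OID-to-name table is limited to the RSA signature OIDs listed in it.

```python
"""Report the signature algorithm of a DER X.509 certificate and flag MD5.

Added example; pure standard library. Parses only the leading fields of the
certificate, so it also works on real DER certificates (e.g. keytool -exportcert).
"""
import sys

# PKCS #1 signature algorithm OIDs (RFC 3279 / RFC 4055); extend as needed.
SIG_ALG_NAMES = {
    "1.2.840.113549.1.1.4": "md5WithRSAEncryption",
    "1.2.840.113549.1.1.5": "sha1WithRSAEncryption",
    "1.2.840.113549.1.1.11": "sha256WithRSAEncryption",
}
MD5_ALGS = {"md5WithRSAEncryption"}


def _read_tlv(buf, pos):
    """Parse one DER tag/length header at pos; return (tag, value_start, value_end)."""
    tag = buf[pos]
    length = buf[pos + 1]
    pos += 2
    if length & 0x80:                      # long form: next n bytes hold the length
        n = length & 0x7F
        length = int.from_bytes(buf[pos:pos + n], "big")
        pos += n
    return tag, pos, pos + length


def _decode_oid(body):
    """Decode the content octets of an OBJECT IDENTIFIER into dotted form."""
    arcs = [body[0] // 40, body[0] % 40]
    value = 0
    for b in body[1:]:
        value = (value << 7) | (b & 0x7F)
        if not b & 0x80:                   # last base-128 digit of this arc
            arcs.append(value)
            value = 0
    return ".".join(str(a) for a in arcs)


def _algorithm_identifier(buf, pos):
    """Read AlgorithmIdentifier ::= SEQUENCE { algorithm OID, parameters ANY } at pos."""
    tag, start, end = _read_tlv(buf, pos)
    if tag != 0x30:
        raise ValueError("expected SEQUENCE for AlgorithmIdentifier")
    oid_tag, oid_start, oid_end = _read_tlv(buf, start)
    if oid_tag != 0x06:
        raise ValueError("expected OBJECT IDENTIFIER")
    oid = _decode_oid(buf[oid_start:oid_end])
    return SIG_ALG_NAMES.get(oid, oid), end


def signature_algorithms(der):
    """Return (tbsCertificate.signature, Certificate.signatureAlgorithm) by name.

    RFC 5280 4.1.2.3 requires both to be the same algorithm; a mismatch means the
    certificate is mis-encoded or someone edited the outer field after signing.
    """
    tag, cert_start, _ = _read_tlv(der, 0)                  # Certificate ::= SEQUENCE
    if tag != 0x30:
        raise ValueError("not a DER SEQUENCE")
    tag, tbs_start, tbs_end = _read_tlv(der, cert_start)     # tbsCertificate SEQUENCE
    if tag != 0x30:
        raise ValueError("expected tbsCertificate SEQUENCE")
    pos = tbs_start
    tag, _, field_end = _read_tlv(der, pos)
    if tag == 0xA0:                                          # optional [0] EXPLICIT version
        pos = field_end
    tag, _, field_end = _read_tlv(der, pos)                  # serialNumber INTEGER
    if tag != 0x02:
        raise ValueError("expected serialNumber INTEGER")
    inner, _ = _algorithm_identifier(der, field_end)         # tbsCertificate.signature
    outer, _ = _algorithm_identifier(der, tbs_end)           # Certificate.signatureAlgorithm
    return inner, outer


def is_md5_signed(der):
    """True if either copy of the signature algorithm is MD5-based."""
    inner, outer = signature_algorithms(der)
    return inner in MD5_ALGS or outer in MD5_ALGS


# --- constructed test input (not a real certificate) -------------------------

def _tlv(tag, body):
    """Encode one DER TLV with a definite short- or long-form length."""
    n = len(body)
    if n < 0x80:
        return bytes([tag, n]) + body
    length_bytes = n.to_bytes((n.bit_length() + 7) // 8, "big")
    return bytes([tag, 0x80 | len(length_bytes)]) + length_bytes + body


def _encode_oid(dotted):
    """Encode a dotted OID into its base-128 content octets."""
    arcs = [int(a) for a in dotted.split(".")]
    out = [40 * arcs[0] + arcs[1]]
    for arc in arcs[2:]:
        chunk = [arc & 0x7F]
        arc >>= 7
        while arc:
            chunk.append(0x80 | (arc & 0x7F))
            arc >>= 7
        out.extend(reversed(chunk))
    return bytes(out)


def constructed_certificate(inner_oid, outer_oid=None):
    """Constructed skeleton: version, serial and the two AlgorithmIdentifiers only.

    The tbsCertificate omits issuer, validity, subject and SubjectPublicKeyInfo,
    and the trailing BIT STRING is zero-filled rather than a real signature.
    """
    outer_oid = outer_oid or inner_oid

    def alg(oid):                                            # AlgorithmIdentifier with NULL params
        return _tlv(0x30, _tlv(0x06, _encode_oid(oid)) + b"\x05\x00")

    tbs = _tlv(0x30, _tlv(0xA0, _tlv(0x02, b"\x02")) + _tlv(0x02, b"\x01") + alg(inner_oid))
    sig = _tlv(0x03, b"\x00" + bytes(128))                   # 0 unused bits + zero "signature"
    return _tlv(0x30, tbs + alg(outer_oid) + sig)


if __name__ == "__main__":
    der = open(sys.argv[1], "rb").read() if len(sys.argv) > 1 else \
        constructed_certificate("1.2.840.113549.1.1.4")
    inner, outer = signature_algorithms(der)
    print("tbsCertificate.signature:", inner)
    print("signatureAlgorithm:      ", outer)
    print("MD5-signed:", is_md5_signed(der))
```

Run it with the path of a DER certificate as the only argument; with no argument it inspects the constructed MD5 skeleton. Reading both copies of the algorithm is deliberate: a verifier that only looks at the outer field can be shown a different algorithm from the one that was actually hashed over, so the check treats any disagreement between the two as a failure in its own right.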

There's another way I found in the comments:

Option B is to acquire any IBM Java 6 JRE, add the IBMCMSKS provider to
java.security, and use the bundled ikeycmd or your /bin/gsk7cmd with
JAVA_HOME pointing at the new JRE -- sig_alg will be accepted there as well.

--
Eric Covener
