… plans emerged last week when the Australian Signals Directorate (ASD) published guidance for High Assurance Cryptographic Equipment (HACE) – devices that send and/or receive sensitive information – that calls for disallowing the cryptographic algorithms SHA-256, RSA, ECDSA and ECDH, among others, by the end of this decade.
With regard to the algorithms used to hash data – particularly SHA-224 and SHA-256 – Buchanan expressed surprise that neither will be approved for use beyond 2030.
“The migration within five years will not be easy, as every single web connection currently uses ECDH and RSA/ECDSA,” he wrote. “These methods are also used for many other parts of a secure infrastructure.”
6·5 hours ago