Sunsetting SHA1 / RSA
The SHA-1 hash algorithm has long been known to be susceptible to collision attacks. There is a general push on the web, led by Google [1][2], to sunset SHA-1 digests in favour of stronger ones such as the SHA-2 family of algorithms, so we need to keep up. We are now signing our new RPMs with SHA256.
On the other hand, our current signing key uses the DSA cryptographic algorithm with a 1024-bit key. It has done a great job over the last few years, but nowadays it is short enough to be breakable. In 2011 NIST published a document with recommendations for transitioning algorithms and key lengths [3], stating that 1024-bit keys would be disallowed after 2013. Again, we are late!
We were not able to verify RPMs signed with a DSA 2048 key using SHA256 on the RPM: unverifiable signature errors appeared.
Also, it seems that DSA private keys can be recovered depending on how the keys have been generated [4], and Debian developers do not want DSA on their repos [5], so we decided to change our cryptographic algorithm to RSA. We will spend more time signing packages, but you will install Abiquo faster [6].
What does all this mean? From now on, starting with Abiquo 3.1.4 and the upcoming 3.2.2 version, you must install our shiny new key on your servers if you want to be able to upgrade Abiquo to its latest versions. To do this you must run:
rpm --import http://mirror.abiquo.com/RPM-GPG-RSA-KEY-Abiquo
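Once the new key is imported, it is useful to know which installed packages still carry a DSA or SHA-1 signature. The script below is an added example, not Abiquo's own tooling: it assumes the rpm query output format shown in its first comment, and the sample package names, dates and key IDs are constructed.

```shell
#!/bin/sh
# On a real host, produce the input with:
#   rpm -qa --qf '%{NAME}|%{SIGPGP:pgpsig}|%{SIGGPG:pgpsig}\n'
# Assumption: each pgpsig field is "(none)" or "ALGO/DIGEST, <date>, Key ID <id>".

# Classify one pgpsig field. Prints: ok | weak | unsigned | review
classify_sig() {
    case $1 in
        ''|'(none)') echo unsigned; return 0 ;;
    esac
    algo=${1%%,*}        # text before the first comma, e.g. "RSA/SHA256"
    pubkey=${algo%%/*}   # e.g. "RSA"
    digest=${algo#*/}    # e.g. "SHA256"
    if [ "$pubkey" = DSA ] || [ "$digest" = SHA1 ]; then
        echo weak        # the combination the post is moving away from
        return 0
    fi
    case "$pubkey/$digest" in
        RSA/SHA224|RSA/SHA256|RSA/SHA384|RSA/SHA512) echo ok ;;
        *) echo review ;;   # not on the allowlist: look at it by hand
    esac
}

# Read "name|SIGPGP|SIGGPG" lines on stdin and print "verdict name"
# for every package whose signature is not "ok".
audit_signatures() {
    while IFS='|' read -r name pgp gpg; do
        [ -n "$name" ] || continue
        sig=$pgp
        case $sig in ''|'(none)') sig=$gpg ;; esac
        verdict=$(classify_sig "$sig")
        [ "$verdict" = ok ] || echo "$verdict $name"
    done
}

# Constructed sample input (names, dates and key IDs are made up).
SAMPLE='abiquo-api|RSA/SHA256, Mon 06 Oct 2014 10:00:00 AM UTC, Key ID 0000000000000001|(none)
abiquo-old|(none)|DSA/SHA1, Tue 04 Mar 2014 09:00:00 AM UTC, Key ID 0000000000000002
local-tool|(none)|(none)'

printf '%s\n' "$SAMPLE" | audit_signatures
```

Packages reported as weak were signed with the old key or digest; those reported as unsigned carry no signature for rpm to check.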
[1] http://googleonlinesecurity.blogspot.com.es/2014/09/gradually-sunsetting-sha-1.html
[2] https://konklone.com/post/why-google-is-hurrying-the-web-to-kill-sha-1
[3] http://csrc.nist.gov/publications/nistpubs/800-131A/sp800-131A.pdf
[4] http://rdist.root.org/2010/11/19/dsa-requirements-for-random-k-value/
[5] https://lists.debian.org/debian-devel-announce/2008/05/msg00004.html