Digital Signature Algorithms set to change?

When India started using Digital Signatures after the ITA 2000 was enacted, CCA had approved MD5 algortithm for hashing. Susequently, MD5 was disaccredited and SHA-1 was being used as approved algorithms. Global developments now indicate that time has come for users to move from SHA-1 to SHA-2 since SHA-1 has either been already cracked or is about to be cracked.

Related Article: 

Crypto experts inidcate that  by end of Dec 2015, Chrome may start providing browser warnings and by 2016-17, both Chrome and Microsoft may discontinue acceptance of SHA-1 in the applications. This may result in SSL/TLS authentication certificates need to be replaced by websites.

If SHA-1 is unreliable for SSL-TLS, it should also be considered unreliable for the Indian Digital Signature system which carries the judicial weight for non repudiation.

We are already in 2015 and many digital signature users may be using a 2 year  valid digital signature certificate which may overlap with the discontinuance of the SHA-1 certificates by the international community.

In order to preserve the sanctity of the Digital Signature system of India, it is necessary for CCA to take steps to migrate completely to SHA-2 which is already an approved system, by phasing out SHA-1 in time. Hopefully CA s are making necessary arrangements so that we are in tune with global security standards.

Naavi

 

Print Friendly, PDF & Email

About Vijayashankar Na

Naavi is a veteran Cyber Law specialist in India and is presently working from Bangalore as an Information Assurance Consultant. Pioneered concepts such as ITA 2008 compliance, Naavi is also the founder of Cyber Law College, a virtual Cyber Law Education institution. He now has been focusing on the projects such as Secure Digital India and Cyber Insurance
This entry was posted in Cyber Law. Bookmark the permalink.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.