February 20, 2005

84 words 1 min read

DOWN WITH SHA-1

As I’m sure many have seen this bit in Bruce Schneier’s Blog about SHA-1 being broken. And we already know DES sucks. What I would love to know is how AES encryption is doing in the grand sceme of things. Right now I use KeePass (a very nifty open source project, I highly sugest checking it out) and it uses AES256bit. I know also that many IPSec VPN devices use AES/SHA-1 for their encryption. So how long until we have to upgrade thoes boxes?