Microsoft increases the encryption strength

30-07-2012 11:33:00

This August, Microsoft will issue an update, which will block the use of cryptographic keys shorter than 1024-bit.

Modification is for Windows Server 2008 R2, Windows 7, Windows Server 2008, Windows XP, Windows Server 2003 R2, Windows Server 2003 and Windows XP. The update will exclude using only those websites, platforms, applications and files that were signed with keys less than 1024-bits prior 1st January 2010.

Change should not be perceptible to internet users, because SSL certificates are issued for a specific period, after which it is necessary to renew the product according to current standards. It is estimated that nowadays most web applications and sites use encryption keys at least 2048-bit.

NIST (National Institute of Standards and Technology) is responsible for setting new safety on-line standards. Organization has announced that the next update for keys will be held at the end of 2013. This will be the moment of cancelling a 1024-bit keys.

Today, the only encryption key recognized by NIST is 2048-bit. Popularize the use of the key length it has been carried out for over 3 years, and from approximately 2 most CAs do not accept CSR files generated under this standard.

Source: Windows PKI blog

Recent Posts

Comodo is now Sectigo
09-11-2018 12:54:30

According to previous announcements, a year after the acquisition of Comodo Group by Francisco Partners, on November 1 Comodo CA announced that from now on it is changing its brand to Sectigo [pronounced. sec-tee-go]. The goal of rebranding is consistency in company communication and better dedication to what Comodo is doing now.

Comodo is now Sectigo
European Cyber Security Month 2018
27-09-2018 10:46:21

The European Union Agency for Network and Information Security (ENISA), which is the center of knowledge about cyber security in Europe, organizes as every year in October the European Cyber Security Month. The campaign is starting in a few days. What is its purpose and how can you participate in it?

European Cyber Security Month 2018
GDPR and SSL certificate. Is encryption necessary for compliance with the GDPR?
18-05-2018 15:47:40

General Data Protection Regulation (GDPR) is a 99-article regulation meant to protect the private data of Europeans in IT systems. Announced in 2016, covers a broad variety of topics and will go into effect as a requirement on May 25, 2018. GDPR applies to any company doing business in Europe even if it is located elsewhere.

GDPR and SSL certificate. Is encryption necessary for compliance with the GDPR?
more posts