March 31, 2016 to April 1, 2016
Intercontinental Buenos Aires
America/Buenos_Aires timezone

Algorithm roll-over experiences

Apr 1, 2016, 4:30 PM
30m
Montserrat (Intercontinental Buenos Aires)

Montserrat

Intercontinental Buenos Aires

Buenos Aires, Argentina

Speaker

Anand Buddhdev (RIPE NCC)

Description

Algorithm roll-overs are part of any security system, because older algorithms lose their strength, and stronger and newer algorithms come along. At the RIPE NCC we recently rolled our algorithm from SHA1 and to SHA256. We had some interesting issues, and I'd like to talk about them, especially as more people may want to consider rolling their algorithms now. Amongst these issues were things like software support, testing, planning of the roll-over and timing issues.

Summary

The RIPE NCC's experiences with rolling DNSSEC signature algorithm from SHA1 to SHA256.

Primary author

Anand Buddhdev (RIPE NCC)

Presentation materials