[SERVER-60601] Tech debt: MD5 should be limited to non-cryptographic usage Created: 11/Oct/21  Updated: 28/Aug/23

Status: Backlog
Project: Core Server
Component/s: Internal Code
Affects Version/s: None
Fix Version/s: None

Type: Question Priority: Major - P3
Reporter: Sergey Galtsev (Inactive) Assignee: Backlog - Security Team
Resolution: Unresolved Votes: 0
Labels: former-quick-wins, tech-debt-security
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified

Assigned Teams:
Server Security
Sprint: Security 2022-05-16, Security 2022-05-30, Security 2022-07-11
Participants:

Description

The MD5 algorithm is not FIPS compliant, has known weaknesses, and should not be used for cryptographic functions, especially in FIPS mode. At the same time, MD5 is routinely used as a plain (non-cryptographic) hash function, which is permissible.

We need to make two copies of the MD5 implementation: one as a hash function, the other as a cryptographic function. Copy/paste is acceptable, but the preferred approach for the MD5-as-crypto function is to use OpenSSL or the system-provided function, so that it can be disabled by system policy.

Disabling MD5 for crypto purposes should not affect using MD5 as a hash. Therefore we should rename the MD5-as-hash variant to make it clear that it is not a cryptographic function.
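The split described above, as an added illustration that is not part of this ticket or the server code base: two distinctly named entry points, where the non-cryptographic one uses hashlib's `usedforsecurity=False` (Python 3.9+, OpenSSL-backed) so it keeps working under a FIPS policy, and the cryptographic one goes through the policy-governed path and surfaces the refusal instead of hiding it. The `policy_allows_md5` parameter is a constructed stand-in for the system policy so the disabled path can be exercised offline.

```python
import hashlib


class Md5PolicyError(RuntimeError):
    """Cryptographic MD5 was requested but system policy (e.g. FIPS mode) forbids it."""


def md5_fingerprint(data: bytes) -> str:
    """Non-cryptographic MD5: checksums, cache keys, bucketing.

    usedforsecurity=False tells the OpenSSL-backed hashlib implementation that
    this digest is not a security control, so it keeps working even when the
    system crypto policy disables MD5 for cryptographic use.
    """
    return hashlib.md5(data, usedforsecurity=False).hexdigest()


def md5_crypto(data: bytes, policy_allows_md5: bool = True) -> str:
    """Cryptographic MD5 (legacy digest/auth paths), behind the policy gate.

    policy_allows_md5 is a constructed stand-in for the system policy; the real
    gate is OpenSSL/FIPS, which hashlib reports as a ValueError when MD5 is
    disabled. Either way the caller gets an explicit error, never a silent hash.
    """
    if not policy_allows_md5:
        raise Md5PolicyError("MD5 is disabled for cryptographic use by system policy")
    try:
        return hashlib.md5(data, usedforsecurity=True).hexdigest()
    except ValueError as exc:  # OpenSSL in FIPS mode rejects the digest
        raise Md5PolicyError("MD5 is disabled for cryptographic use by system policy") from exc


def checksum_matches(payload: bytes, expected_hex: str) -> bool:
    """Integrity check against accidental corruption: a non-cryptographic use,
    so it routes through md5_fingerprint and is unaffected by FIPS mode."""
    return md5_fingerprint(payload) == expected_hex


if __name__ == "__main__":
    print(md5_fingerprint(b"abc"))  # 900150983cd24fb0d6963f7d28e17f72
    try:
        md5_crypto(b"abc", policy_allows_md5=False)
    except Md5PolicyError as err:
        print("blocked:", err)
```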


Generated at Thu Feb 08 05:50:15 UTC 2024 using Jira 9.7.1#970001-sha1:2222b88b221c4928ef0de3161136cc90c8356a66.