[Cryptography] Safe/Unsafe Hashing Algorithms in WinCrypt.h
Ankit Khandelwal
ankit.khandelwal.1980 at gmail.com
Thu Nov 19 08:51:35 EST 2015
Hello Everyone,
I am trying to make a list of safe hashing algorithms present in
WinCrypt.h. This list would be used to implement whitelist or blacklist
approach in my hash verification algorithm for Windows.
Reference:
https://msdn.microsoft.com/en-us/library/windows/desktop/aa381133(v=vs.85).aspx
Below is the current status of the list, can anyone please provide some
inputs to it? As of now, I have added MDx family and SHA1 to the unsafe
list.
*szOID_RSA_HASH*
RSA signing (encryption) algorithm that uses a hashing algorithm to hash
the content before signing it.
*szOID_RSA_SHA1RSA*
RSA is used to encrypt the content and to sign the content hash created by
using the Secure Hashing Algorithm (SHA) algorithm.
unsafe
*szOID_RSA_SHA256RSA*
RSA is used to encrypt the content and to sign the hash created by using
the Secure Hashing Algorithm 256 (SHA256) algorithm.
safe
*szOID_RSA_SHA384RSA*
RSA is used to encrypt the content and to sign the hash created by using
the Secure Hashing Algorithm 384 (SHA384) algorithm.
safe
*szOID_RSA_SHA512RSA*
RSA is used to encrypt the content and to sign the hash created by using
the Secure Hashing Algorithm 512 (SHA512) algorithm.
safe
*szOID_X957_SHA1DSA*
Digital Signature Algorithm (DSA) coupled with the Secure Hashing Algorithm
(SHA) algorithm.
unsafe
*szOID_ECDSA_SHA1*
Elliptic curve Digital Signature Algorithm (DSA) coupled with the Secure
Hashing Algorithm (SHA) algorithm.
unsafe
*szOID_ECDSA_SHA256*
Elliptic curve Digital Signature Algorithm (DSA) coupled with the Secure
Hashing Algorithm (SHA256) algorithm.
safe
*szOID_ECDSA_SHA384*
Elliptic curve Digital Signature Algorithm (DSA) coupled with the Secure
Hashing Algorithm (SHA384) algorithm.
safe
*szOID_ECDSA_SHA512*
Elliptic curve Digital Signature Algorithm (DSA) coupled with the Secure
Hashing Algorithm (SHA512) algorithm.
safe
*szOID_OIWSEC_shaDSA*
NIST OSE Implementors' Workshop (OIW) Security Digital Signature Algorithm
(DSA) that uses the Secure Hashing Algorithm (SHA) to hash the message
contents.
*szOID_OIWSEC_shaRSA*
NIST OSE Implementors' Workshop (OIW) Security RSA algorithm coupled with
the Secure Hashing Algorithm (SHA).
*szOID_OIWSEC_sha*
NIST OSE Implementors' Workshop (OIW) Security Secure Hashing Algorithm
(SHA).
*szOID_OIWSEC_dsaCommSHA*
NIST OSE Implementors' Workshop (OIW) Security Digital Signature Algorithm
(DSA) coupled with the Secure Hashing Algorithm (SHA).
*szOID_OIWSEC_keyHashSeal*
NIST OSE Implementors' Workshop (OIW) Security hashing algorithm.
*szOID_OIWSEC_md2RSASign*
NIST OSE Implementors' Workshop (OIW) Security RSA algorithm coupled with
the Message Digest (MD2) hashing algorithm.
unsafe
*szOID_OIWSEC_md5RSASign*
NIST OSE Implementors' Workshop (OIW) Security RSA algorithm coupled with
the Message Digest (MD5) hashing algorithm.
unsafe
*szOID_OIWSEC_sha1*
NIST OSE Implementors' Workshop (OIW) Security Secure Hashing (SHA1)
algorithm.
unsafe
*szOID_OIWSEC_dsaSHA1*
NIST OSE Implementors' Workshop (OIW) Security Digital Signature Algorithm
(DSA) that uses the Secure Hashing Algorithm 1 (SHA1).
unsafe
*szOID_OIWSEC_dsaCommSHA1*
NIST OSE Implementors' Workshop (OIW) Security Digital Signature Algorithm
(DSA) that uses the Secure Hashing Algorithm 1 (SHA1).
unsafe
*szOID_OIWSEC_sha1RSASign*
NIST OSE Implementors' Workshop (OIW) Security RSA algorithm that uses the
Secure Hashing Algorithm 1 (SHA1).
unsafe
*szOID_OIWDIR_HASH*
NIST OSE Implementors' Workshop (OIW) Directory generic hashing algorithm.
*szOID_OIWDIR_md2RSA*
NIST OSE Implementors' Workshop (OIW) Directory RSA algorithm coupled with
the Message digest (MD2) hashing algorithm.
unsafe
*szOID_NIST_sha256*
Secure hashing algorithm (SHA) that uses a 256 bit key.
safe
*szOID_NIST_sha384*
Secure hashing algorithm (SHA) that uses a 384 bit key.
safe
*szOID_NIST_sha512*
Secure hashing algorithm (SHA) that uses a 512 bit key.
safe
--
Thanks,
@Ankit
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.metzdowd.com/pipermail/cryptography/attachments/20151119/1c17027c/attachment-0001.html>
More information about the cryptography
mailing list