Australia Moves To Drop Some Cryptography By 2030 – Slashdot
An anonymous reader shares a report: Australia’s chief cyber security agency has decided local orgs should stop using the tech that forms the current cryptographic foundation of the internet by the year 2030 — years before other nations plan to do so — over fears that advances in quantum computing could render it insecure.
The Land Down Under’s plans emerged last week when the Australian Signals Directorate (ASD) published guidance for High Assurance Cryptographic Equipment (HACE) — devices that send and/or receive sensitive information — that calls for disallowing the cryptographic algorithms SHA-256, RSA, ECDSA and ECDH, among others, by the end of this decade.
Bill Buchanan, professor in the School of Computing at Edinburgh Napier University, wrote a blog post in which he expressed shock that the ASD aims to move so quickly. “Basically, these four methods are used for virtually every web connection that we create, and where ECDH is used for the key exchange, ECDSA or RSA is used to authenticate the remote server, and SHA-256 is used for the integrity of the data sent,” he wrote. “The removal of SHA-256 definitely goes against current recommendations.”