Use of MD5 and SHA-256 as cryptographic hashing algorithms for message encryption can result in the same hash for different messages. Attackers may exploit the "collision" of same hashes, weakening the integrity of the encryption.
As a security measure against vulnerable raw hashes, Ribbon now uses digital signature based SHA-256 algorithm to verify the origin and integrity of signed software and data files. The most common usage of the SHA-256 algorithm for the SBC are as follows:
- Generation of files with the extensions such as
.iso,.ova, and.qcow2 - Compressed files, such as
cloudTemplates.tar.gzandcreateConfigDrive.tar.gz - Installation and upgrade packages
Note
For SBC Core 9.0, MD5 is used in the following scenarios:
- Encrypted Store
- SNMP (
sonusSnmpAuthProtocolType) - NTP (
sonusNtpKeyType) - BMC/BIOS
Overview
Content Tools