DO NOT SHARE THESE DOCS WITH CUSTOMERS!

This is an LA release that will only be provided to a select number of PLM-sanctioned customers (PDFs only). Contact PLM for details.

Use of MD5 and SHA-256 as cryptographic hashing algorithms for message encryption can result in the same hash for different messages. Attackers may exploit the "collision" of same hashes, weakening the integrity of the encryption.

As a security measure against vulnerable raw hashes, Ribbon now uses digital signature based SHA-256 algorithm to verify the origin and integrity of signed software and data files. The most common usage of the SHA-256 algorithm for the SBC are as follows:

  • Generation of files with the extensions such as .iso, .ova, and .qcow2
  • Compressed files, such as cloudTemplates.tar.gz and createConfigDrive.tar.gz
  • Installation and upgrade packages


Note

For SBC Core 9.0, MD5 is used in the following scenarios:

  • Encrypted Store
  • SNMP (sonusSnmpAuthProtocolType)
  • NTP (sonusNtpKeyType)
  • BMC/BIOS