Uploaded image for project: 'JDK'
  1. JDK
  2. JDK-8233607

Remove algorithms that use MD5 or DES from security requirements

    XMLWordPrintable

    Details

    • Type: CSR
    • Status: Closed
    • Priority: P3
    • Resolution: Approved
    • Fix Version/s: 14
    • Component/s: security-libs
    • Labels:
      None
    • Subcomponent:
    • Compatibility Kind:
      behavioral
    • Compatibility Risk:
      low
    • Compatibility Risk Description:
      Although we are removing the requirements, SE implementations can still support these algorithms or a 3rd-party JCE provider that supports them can be used. We are not removing the JDK implementations of these algorithms at this time.
    • Interface Kind:
      Java API
    • Scope:
      SE

      Description

      Summary

      Remove Java SE requirements to implement security algorithms based on DES or MD5.

      Problem

      To improve portability and interoperability, Java SE implementations are required to support a minimum set of cryptographic algorithms for various security APIs. It makes sense to periodically review these requirements and remove algorithms or modes that are known to be weak and of which usage has declined significantly, such as DES and MD5.

      Solution

      Remove Java SE requirements to implement security algorithms based on DES or MD5 from various security APIs. The relevant classes are:

      • java.security.AlgorithmParameters
      • java.security.MessageDigest
      • javax.crypto.Cipher
      • javax.crypto.KeyGenerator
      • javax.crypto.Mac
      • javax.crypto.SecretKeyFactory

      These requirements will also be removed from the Security Algorithm Implementation Requirements section of the Java Security Standard Algorithm Names specification.

      Specification

      See attached webrev-01.zip.

        Attachments

        1. webrev.zip
          407 kB
        2. webrev-01.zip
          406 kB

          Issue Links

            Activity

              People

              Assignee:
              mullan Sean Mullan
              Reporter:
              mullan Sean Mullan
              Reviewed By:
              Xue-Lei Fan
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

                Dates

                Created:
                Updated:
                Resolved: