cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1290
Views
0
Helpful
3
Replies

RV320 only supports insecure, deprecated, hashing algo, SHA-1

Rasmus Rask
Level 1
Level 1

A while ago, I bought an RV320 and an RV220W, with the explicit purpose of setting up site-to-site VPN, primarily to do off-site backups.

The RV220W supports SHA-256 (and higher), but RV320 is stuck with SHA1 and MD5 - both considered insecure, SHA1 since the year 2005 - long before RV320 entered the market.

Please bring support for SHA-256 (or higher) to RV320!

3 Replies 3

bbx-cisco
Level 1
Level 1

Indeed.  It seems unusual only to have algorithms known to be susceptible to attack.  However, it has taken a while for some companies to go away from it; at least in their support policy.  Only in the last year or so have both Microsoft and Google announced their deprecation policy for SHA-1.

We can hope this will be one of the needed updates for a new firmware release... if there is to be one to follow 1.1.1.06's December 2013 update.

Don't get me wrong: I would not want Cisco to *remove* support for SHA1.

But in this day and age, having it as the *most* secure algo, simply isn't good enough.

Heck, the RV320's sibling, RV220W supports up to SHA512!

Please can you bring support for SHA-256 (or higher) to RV320.

The other product rv130 has got this feature, but not the RV320.

Thank you