Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1534
Views
0
Helpful
1
Replies

IKE Phase 2 - security risk with SHA1?

Phil Friend
Level 1
Level 1

‎09-04-2017 12:17 PM - edited ‎03-12-2019 04:31 AM

Hi all,

Due to a 3rd party limitation for IKE phase 2, my company is being requested by them to use SHA1 for the integrity check on our site to site VPN with the 3rd party.

Can anyone specifically outline the security risk this may result in - if any ?

Kind regards,

Phil.

Labels:
0 Helpful
1 Reply 1

Philip D'Ath
VIP Alumni
VIP Alumni

‎09-05-2017 02:49 AM

SHA1 is considered cryptographically too weak for new deployments. You should really be using SHA2, such as SHA256, SHA384 or SHA512.
0 Helpful
Customers Also Viewed These Support Documents