07 Mar 2017
SHA-1 Collision Research Further Highlights Weakness
Time to start migrating all Digital Certificates to SHA-2
The SHA-1 hashing algorithm was first published in 1995. It is not surprising that over the course of all of those years that weaknesses have been exposed due to mathematical and technological advancements. Even as far back as 2004, Bruce Schneier stated it was possible to break SHA-1.
In 2014, the CA/Browser Forum then announced the deprecation of SHA-1 SSL/TLS Certificates and the need to migrate to the newer more secure SHA-2 hashing algorithm. That deadline has now since passed at the beginning of this year. If you didn’t migrate to SHA-2 in time, your website(s) is now showing up in browsers as untrusted or not secure. In preparation, GlobalSign published many blog articles, informed our customers and worked with the press to make sure the word was out there on how to migrate from SHA-1 to SHA-2. GlobalSign stopped issuing SHA-1 SSL/TLS Certificates in January 2015.
Examples in Chrome with a SHA-1 certificate past the deadline
Now, just in the last few weeks, Google and the CWI Institute in Amsterdam announced the first practical technique for generating a SHA-1 collision, known as the SHAttered attack. The proof of the attack is seen in two PDF documents that have identical SHA-1 hashes but different content. What this means in the real world is that a hacker can use this collision to deceive systems that rely on hashes to accept a malicious file that they thought was legitimate. While this attack takes an enormous amount of computational power, a well-funded hacker could have the ability to replicate this and generate SHA-1 collisions.
This image from Shattered.io shows how the SHA-1 collision can result in two different documents having the same hash.
Where Do We Go from Here?
The CA/Brower Forum, which is made up of the world’s leading Certificate Authorities (CAs) and internet browser software vendors, put a tremendous amount of effort into the SHA-1 SSL/TLS deprecation plan to ensure a smooth migration to SHA-2 by the imposed January 2017 deadline. With just a handful of internet browsers, the SHA-1 SSL/TLS deprecation was well controlled and executed. Many industry experts have deemed it a success.
Where things start to get murky is the usage of SHA-1 Client Certificates that many enterprise applications rely on for authentication, encryption and document and code signing. There has not been the same hard mandate to deprecate SHA-1 Client Certificates as the CA/Browser Forum set for SSL/TLS Certificates. CAs like GlobalSign have been and are recommending that organizations migrate all of their certificates to SHA-2. But, without a hard deadline, the push to migrate is slow to happen. Additionally, organizations are worried that migrating to SHA-2 Certificates may result in interoperability issues and downtime if not properly and thoroughly tested. This takes a lot of time and resources to test and rollout.
What Is GlobalSign Doing?
As mentioned earlier, GlobalSign is recommending that you migrate to SHA-2 Certificates and is stating such in the certificate ordering and renewal process. We are also starting to put timelines and plans in place for when we will consider stopping the issuance of SHA-1 Certificates altogether. While those timelines to fully stop issuing SHA-1 Client Certificates are not yet determined, we will look to provide more information and communications to our customers ahead of any scheduled plans so customers are well informed and prepared.
GlobalSign respects that migrating all Client Certificates from SHA-1 to SHA-2 could be a major project for any organization’s IT team. As certificates come up for renewal or you need to order new certificates, we are highly recommending you move to SHA-2 now. We also have solutions that can enable you to automate and manage your certificate lifecycle to reduce this burden on your staff and ensure the security of your environment. We want to support you now so that you are not left vulnerable to a potential attack. If you need assistance, we welcome you to contact us today and we can help you with your SHA-2 migration plan.
Share this Post