SHA1 Deprecation: What You Need to Know

What is SSL?

Secure Sockets Layer (SSL) is a protocol for enabling data encryption on the Internet and for helping web site users confirm the owner of the web site. SSL is most commonly used to protect communications between web browsers and servers. However, it is increasingly used for server to server communications and for web-based applications. Please check the Browser Update site for more information.

The news is that SHA1, a very popular hashing function, is on the way out. Strictly speaking, this development is not new. The first signs of weaknesses in SHA1 appeared (almost) ten years ago. In 2012, some calculations showed that breaking SHA1 was becoming feasible for those who can afford it. In November 2013, Microsoft announced that they wouldn’t be accepting SHA1 certificates after 2016.

However, we’re in a bit of a panic now because Google followed up to say that they will soon start penalising sites that use SHA1 certificates that expire during 2016 and after. This is a major policy change that requires immediate action—according to SSL Pulse, only 15% of sites were using SHA256 certificates in September 2014. For more information, follow Qualys Security Community News.

What is encryption and why are there different levels?

Encryption is a mathematical process of coding and decoding information. The number of bits (40-bit, 56-bit, 128-bit, 256-bit) tells you the size of the key. Like a longer password, a larger key has more possible combinations. When an encrypted session is established, the encryption level is determined by the capability of the web browser, SSL certificate, web server, and client computer operating system.

Microsoft and many other vendors are phasing out support for SHA1 certificates, and some vendors have published timelines for when these certificates will no longer be trusted on their platforms or by their applications. Therefore, it is recommended that you review your affected Comodo (and other) SHA1 certificates and prepare a plan to replace them in accordance with the key dates identified by vendors, after which these certificates will no longer be trusted.

Before this most recent development, the advice was very simple: don’t use SHA1 certificates past 2016. Google’s decision complicates things: now it’s no longer safe to use SHA1 (with Google Chrome) even during 2016. For some sites there won’t be a satisfactory outcome no matter what they do: if they want to maintain an error-free presence with Chrome they might need to cut off some older clients. (Source: AusCert News.)

What does browser recognition mean?

When a browser or operating system encounters an SSL certificate, it checks to make sure that the certificate is valid and trusted. An SSL certificate is trusted if it is signed by a “trusted” or pre-installed root certificate. If the browser does not contain the root CA certificate used to issue the SSL certificate, a security warning will alert the user.

The same applies to the CSR. A CSR (Certificate Signing Request) contains the public key and identifying information that you generate on your server according to your server software instructions. (If you do not have access to your server, your web host or Internet service provider will generate it for you.) The CSR is required during the SSL certificate enrollment process because it carries the specific information about your web server and your organization that the CA validates.

And the key pairs? SSL uses unique cryptographic key pairs: each key pair consists of a secret private key and a related public key. Information encrypted with a public key can only be decrypted with the corresponding private key, and vice-versa.

The SHA-1 cryptographic hash algorithm has been known to be considerably weaker than it was designed to be since at least 2005 — 9 years ago. Collision attacks against SHA-1 are too affordable for us to consider it safe for the public web PKI. We can only expect that attacks will get cheaper.

That’s why Chrome will start the process of sunsetting SHA-1 (as used in certificate signatures for HTTPS) with Chrome 39 in November. HTTPS sites whose certificate chains use SHA-1 and are valid past 1 January 2017 will no longer appear to be fully trustworthy in Chrome’s user interface.
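To check which of your own certificates fall under the rules described above, you need two things from each certificate: the signature algorithm and the notAfter date. The following is an added example, not code from this page, from Qualys or from Google. It is a minimal, standard-library-only DER walker that pulls those two fields out of a certificate and applies the cut-offs the text states (penalised if a SHA-1 certificate expires during 2016 or later; not fully trustworthy in Chrome 39 if it is valid past 1 January 2017). The sample certificate is constructed in the code itself (empty names, dummy key and signature) so the example runs offline; the function and variable names are the example's own.

```python
"""Flag SHA-1-signed certificates against the Chrome sunset dates (added example)."""
import datetime

# Signature-algorithm OIDs that mean "this certificate was signed with SHA-1".
SHA1_SIGNATURE_OIDS = {
    "1.2.840.113549.1.1.5": "sha1WithRSAEncryption",
    "1.2.840.10045.4.1": "ecdsa-with-SHA1",
    "1.2.840.10040.4.3": "dsa-with-sha1",
}


def read_tlv(buf, pos):
    """Return (tag, content_bytes, position_after_element) for the DER element at pos."""
    tag, length, pos = buf[pos], buf[pos + 1], pos + 2
    if length & 0x80:                      # long form: low bits give the length-of-length
        n = length & 0x7F
        length, pos = int.from_bytes(buf[pos:pos + n], "big"), pos + n
    return tag, buf[pos:pos + length], pos + length


def decode_oid(content):
    """Decode OID content octets (first two arcs packed, base-128 for the rest)."""
    parts, acc = [str(content[0] // 40), str(content[0] % 40)], 0
    for b in content[1:]:
        acc = (acc << 7) | (b & 0x7F)
        if not b & 0x80:
            parts.append(str(acc))
            acc = 0
    return ".".join(parts)


def decode_time(tag, content):
    """UTCTime (tag 0x17, YYMMDDHHMMSSZ) or GeneralizedTime (0x18, YYYYMMDDHHMMSSZ)."""
    fmt = "%y%m%d%H%M%SZ" if tag == 0x17 else "%Y%m%d%H%M%SZ"
    return datetime.datetime.strptime(content.decode("ascii"), fmt)


def parse_certificate(der):
    """Return (signature algorithm OID, notAfter) from a DER-encoded X.509 certificate."""
    _, cert, _ = read_tlv(der, 0)                  # Certificate ::= SEQUENCE {...}
    _, tbs, pos = read_tlv(cert, 0)                # tbsCertificate
    _, sig_alg, _ = read_tlv(cert, pos)            # outer signatureAlgorithm
    _, oid, _ = read_tlv(sig_alg, 0)               # AlgorithmIdentifier.algorithm
    tag, _, nxt = read_tlv(tbs, 0)
    pos = nxt if tag == 0xA0 else 0                # skip optional [0] EXPLICIT version
    fields = []
    for _ in range(4):                             # serialNumber, signature, issuer, validity
        _, val, pos = read_tlv(tbs, pos)
        fields.append(val)
    _, _, after_pos = read_tlv(fields[3], 0)       # notBefore
    tag, not_after, _ = read_tlv(fields[3], after_pos)
    return decode_oid(oid), decode_time(tag, not_after)


def chrome_sha1_verdict(sig_oid, not_after):
    """Apply the cut-offs stated in the text to one certificate."""
    if sig_oid not in SHA1_SIGNATURE_OIDS:
        return "ok"
    if not_after >= datetime.datetime(2017, 1, 1):
        return "not fully trustworthy from Chrome 39"
    if not_after >= datetime.datetime(2016, 1, 1):
        return "penalised by Chrome during 2016"
    return "sha1 but expires before 2016"


# --- constructed test data: a skeletal certificate, NOT a real one ------------
def tlv(tag, payload):
    n = len(payload)
    if n < 0x80:
        return bytes([tag, n]) + payload
    lb = n.to_bytes((n.bit_length() + 7) // 8, "big")
    return bytes([tag, 0x80 | len(lb)]) + lb + payload


def encode_oid(dotted):
    arcs = [int(a) for a in dotted.split(".")]
    body = bytes([arcs[0] * 40 + arcs[1]])
    for arc in arcs[2:]:
        chunk = [arc & 0x7F]
        arc >>= 7
        while arc:
            chunk.append(0x80 | (arc & 0x7F))
            arc >>= 7
        body += bytes(reversed(chunk))
    return tlv(0x06, body)


def make_fake_cert(sig_oid, not_after_iso):
    """Build a minimal DER certificate with the given signature OID and expiry (test data)."""
    def utctime(d):
        return tlv(0x17, d.strftime("%y%m%d%H%M%SZ").encode("ascii"))
    alg = tlv(0x30, encode_oid(sig_oid) + b"\x05\x00")          # AlgorithmIdentifier + NULL
    validity = tlv(0x30, utctime(datetime.datetime(2014, 9, 1))
                   + utctime(datetime.datetime.fromisoformat(not_after_iso)))
    tbs = tlv(0x30, tlv(0xA0, tlv(0x02, b"\x02")) + tlv(0x02, b"\x01") + alg
              + tlv(0x30, b"") + validity + tlv(0x30, b"") + tlv(0x30, b"\x05\x00"))
    return tlv(0x30, tbs + alg + tlv(0x03, b"\x00"))             # dummy signatureValue


if __name__ == "__main__":
    for oid, expiry in [("1.2.840.113549.1.1.5", "2017-03-01T00:00:00"),
                        ("1.2.840.113549.1.1.11", "2017-03-01T00:00:00")]:
        found_oid, found_after = parse_certificate(make_fake_cert(oid, expiry))
        print(found_oid, found_after.date(), chrome_sha1_verdict(found_oid, found_after))
```

Run on a real certificate by passing the bytes of a DER file to parse_certificate (base64-decode the body of a PEM file first). The parser only walks as far as the validity field, so it tolerates the parts of a certificate it does not need; it does not verify the signature, it only reports what the certificate claims about itself, which is exactly what the browser rules above key on.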

What if you need to support older clients?

Many older clients don’t support SHA256, but the real question is which of those are relevant to your site. The answer will vary depending on the site. For detailed information on client capabilities, head to GlobalSign, which maintains a detailed summary of SHA256 support for a large number of platforms.

On the desktop, Windows XP introduced SHA256 in Service Pack 3. Users running SP2 should be able to upgrade to SP3. Depending on a site’s profile, a significant chunk of the user base might be running XP. This operating system is still very popular in China and there is also strong anecdotal evidence that it remains widely used in some large organizations.

Among the mobile platforms, Android added SHA256 support in version 2.3. Earlier versions—still used in large numbers—support only SHA1.

Technically, it’s possible to have the best of both worlds by providing SHA256 certificates to modern clients and serving SHA1 to those that can’t do better. Indeed, there’s nothing to say that a site can’t use more than one certificate at the same time. This approach is ideal for transitions such as this one. At this time, a site could use two certificates: ECDSA+SHA256 for modern clients and RSA+SHA1 for older clients.

Unfortunately, this feature might not be available for your favourite platform. As far as I am aware, Apache is the only major server to support multiple certificates. If you’re running Apache and are willing to play with dual certificate deployment, you’re in luck. As for other platforms, CloudFlare and Yahoo have stated that they will add support to Nginx and Apache Traffic Server, respectively.

As to the history: SHA-1’s use on the Internet has been deprecated since 2011, when the CA/Browser Forum, an industry group of leading web browsers and certificate authorities (CAs) working together to establish basic security requirements for SSL certificates, published their Baseline Requirements for SSL. These Requirements recommended that all CAs transition away from SHA-1 as soon as possible, and followed similar events in other industries and sectors, such as NIST deprecating SHA-1 for government use in 2010.

Note: We’re offering complete support for SSL Certification, WordPress Secure Business Hosting, Secure Service Installations, SiteLock Security and CodeGuard Services. If you have any questions regarding SSL and Security on your website, Contact us.