The Problem with SHA-1: Updating Your Security Certificate
Learn why SHA-1 just isn’t cutting it for security anymore.
By: Chase Palmer
What is SHA?
Contrary to popular belief, SHA is not encryption. SHA stands for Secure Hashing Algorithm, which takes a bunch of data, runs it through some algorithms, and reduces it down to a small summary, or a digest. A digest is a 40-character hexadecimal string that looks like gibberish but represents the original data. The same data put through the process should result in the same hash every time. If any part of the data has changed, the resulting hash will be different, which would notify any recipient that the data may have been tampered with.
SHA is used for digital signatures and security certificates. SHA is also used in code verification and email signatures. It has a lot of applications, but its primary application is in SSL certificates. An SSL certificate is given a signature that’s provided by an authority. You can verify that a certificate is correct through SHA-1 hashing. It’s a way the communications systems can trust they’re talking to the right server/computer.
There are three different types of SHA: SHA-1, SHA-2 and SHA-3. SHA-1 is where some of the problems are happening in data security.
What’s the problem with SHA-1?
The way SHA-1 is supposed to work is that no two pieces of data run through the process should ever produce the same hash. SHA-1’s hash is 160 bits long: a string of 160 ones and zeros. This means that there are 2^160, or 1.4 quindecillion (a number followed by 48 zeros) different combinations. Normally this would be enough to deter any brute force attacks.
However, because the number of possible hashes is finite, but the possible combinations of data input are infinite, we sometimes run into what is called a collision.
A collision is where two pieces of data end up with the same hash. How is this possible? In statistics, there’s a phenomenon called “the birthday paradox,” which is: if you get at least 23 people in a room, the probability of finding two people that share the same birthday is at least 50%. Applied to SHA-1, this means the strength of SHA-1 is closer to 2^80, which means only about half of the effort is required to find a collision.
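The birthday effect described above, as an added example (not from the original article): it computes the 23-person probability exactly, then finds a collision on SHA-1 truncated to a few bits. The truncation widths and the message format are assumptions chosen so the search finishes in well under a second.

```python
import hashlib

def birthday_probability(people, days=365):
    """Exact chance that at least two of `people` share one of `days` birthdays."""
    p_all_distinct = 1.0
    for i in range(people):
        p_all_distinct *= (days - i) / days
    return 1.0 - p_all_distinct

def truncated_sha1(data, bits):
    """First `bits` bits of SHA-1(data) as an integer (a deliberately tiny hash)."""
    return int.from_bytes(hashlib.sha1(data).digest(), "big") >> (160 - bits)

def find_collision(bits):
    """Hash distinct messages until two share a truncated digest.

    Returns (first_message, second_message, messages_hashed).
    """
    seen = {}
    count = 0
    while True:
        msg = b"constructed-message-%d" % count  # constructed sample input
        count += 1
        digest = truncated_sha1(msg, bits)
        if digest in seen:
            return seen[digest], msg, count
        seen[digest] = msg

if __name__ == "__main__":
    print("P(shared birthday, 23 people) = %.4f" % birthday_probability(23))
    for bits in (16, 20, 24):
        a, b, tries = find_collision(bits)
        print("%d-bit hash: collision after %d tries (2^%d = %d, 2^%d = %d)"
              % (bits, tries, bits // 2, 2 ** (bits // 2), bits, 2 ** bits))
```

The number of tries tracks 2^(bits/2) rather than 2^bits, which is the same reason a 160-bit digest offers roughly 2^80 work against collisions.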
The vulnerabilities in SHA-1 open the way to several types of attacks, particularly phishing and man-in-the-middle attacks.
This vulnerability allows hackers to act as a Certificate Authority (organizations that issue SSL certificates) and sign certificates using a key that appears to be from a true Certificate Authority. From there, hackers can exploit other vulnerabilities to direct web traffic to a malicious website and present a seemingly valid certificate for the original website. The browser will check the signature of the rogue certificate against the list of trusted signatures/hashes that are built into browsers, see the certificate has been signed by a trusted Certificate Authority, and connect to the website.
From there, a hacker can intercept any information entered into the website by the user. Meanwhile, the user believes they’re on the correct and secure website because they see the HTTPS address and/or the padlock icon somewhere on their browser.
Cryptologists have worked to improve the SHA process and make it much more difficult to find two pieces of info that create the same hash. SHA-2 and SHA-3 are results of that effort.
What’s being done?
As a user, there is not much that needs to be done. Most browsers are already updated to handle SHA-2 and SHA-3. However, anyone hosting a website protected by an SSL certificate will need to pay attention. All of the major browser vendors have stated that due to the vulnerability in SHA-1, between now and January 1, 2017, they will start displaying warnings to users that the SSL certificates in use may not be secure. After January 1, 2017, all certificates signed with SHA-1 will be rejected and a connection will not be made.
Because of the significant impact of this weakness, there has been talk of even pushing the January 2017 date to as early as June 2016.
While the SHA-1 to SHA-2 migration isn’t being pushed directly by the Payment Card Industry, it may have an impact on merchants attempting to reach and maintain compliance. SSL Certificates signed by SHA-2 or SHA-3 are only supported by TLS 1.2 and 1.3. According to the PCI DSS, all versions of SSL and TLS 1.1 or newer are no longer considered sufficiently secure for protecting data.
Merchants with existing implementations in place prior to April 2015 were given until July 2018 to make the migration to TLS 1.2, but the SHA-1 to SHA-2 migration may push you to update to TLS 1.2 much sooner than that.
What are people worried about?
People are afraid the change from SHA-1 to SHA-2 will more or less break the Internet. They fear the mass migration will overload the Internet and cause damage. But it won’t, because SHA-1 and SHA-2 have nothing to do with web coding.
Everything with SHA is happening behind the browser. So it’s up to the browser to negotiate that “handshake.” The key is the browser needs to be current to use SHA-2 or SHA-3.
The good news is the latest version of nearly every browser will be able to support SHA-2 and SHA-3. Unless you’re using a very old browser, there shouldn’t be problems.
On the server side there may be more problems. If the SSL certificates used for the server/website aren’t updated to SHA-2 by January 2017, the browser will not trust the certificate and users will receive warnings of untrusted/unsecure connections.
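One way to check which hash a certificate’s signature relies on, as an added example (not from the original article and not SecurityMetrics’ scanner): a small standard-library DER reader that pulls the signatureAlgorithm OID out of a DER or PEM certificate and flags SHA-1. The sample certificates are constructed skeletons, and the OID table is an assumption that covers only four common algorithms.

```python
import base64
import re

SIG_ALGS = {  # signatureAlgorithm OID -> (name, relies on SHA-1)
    "1.2.840.113549.1.1.5": ("sha1WithRSAEncryption", True),
    "1.2.840.113549.1.1.11": ("sha256WithRSAEncryption", False),
    "1.2.840.10045.4.1": ("ecdsa-with-SHA1", True),
    "1.2.840.10045.4.3.2": ("ecdsa-with-SHA256", False),
}

def read_tlv(buf, pos):
    """Return (tag, value_start, value_end) of the DER element at pos."""
    tag, length, pos = buf[pos], buf[pos + 1], pos + 2
    if length & 0x80:  # long form: low 7 bits count the length bytes
        n = length & 0x7F
        length, pos = int.from_bytes(buf[pos:pos + n], "big"), pos + n
    return tag, pos, pos + length

def decode_oid(body):  # DER OID content bytes -> dotted string
    arcs, value = [body[0] // 40, body[0] % 40], 0
    for byte in body[1:]:
        value = (value << 7) | (byte & 0x7F)
        if byte < 0x80:  # high bit clear: last byte of this arc
            arcs.append(value)
            value = 0
    return ".".join(map(str, arcs))

def signature_algorithm(cert):
    """Return (oid, name, uses_sha1) for a certificate in DER or PEM bytes."""
    if b"-----BEGIN" in cert:  # PEM: strip the armor lines, then base64-decode
        cert = base64.b64decode(re.sub(rb"-----[^-]+-----|\s", b"", cert))
    _, body, _ = read_tlv(cert, 0)         # outer Certificate SEQUENCE
    _, _, tbs_end = read_tlv(cert, body)   # skip over tbsCertificate
    _, alg, _ = read_tlv(cert, tbs_end)    # signatureAlgorithm SEQUENCE
    tag, start, end = read_tlv(cert, alg)  # its first field is the OID
    if tag != 0x06:
        raise ValueError("signatureAlgorithm does not start with an OID")
    oid = decode_oid(cert[start:end])
    return (oid, *SIG_ALGS.get(oid, ("unknown", False)))

def der(tag, body):  # DER-encode one element; only used to build the samples
    size = (len(body).bit_length() + 7) // 8
    long_form = bytes([0x80 | size]) + len(body).to_bytes(size, "big")
    return bytes([tag]) + (bytes([len(body)]) if len(body) < 0x80 else long_form) + body

def sample_cert(oid_hex):  # constructed skeleton: opaque TBS, algorithm, dummy signature
    alg = der(0x30, der(0x06, bytes.fromhex(oid_hex)) + der(0x05, b""))
    return der(0x30, der(0x30, bytes(300)) + alg + der(0x03, bytes(257)))

SHA1_CERT, SHA256_CERT = map(sample_cert, ("2a864886f70d010105", "2a864886f70d01010b"))
```

To check a real certificate, pass the bytes of its PEM or DER file to `signature_algorithm` and look at the third element of the result.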
What is SecurityMetrics doing?
While we don’t issue security certificates, we can help companies with problems with SHA-1. We pick up the vulnerabilities in our vulnerability scans, and we scan the certificates to see if they are secure.
If the certificate isn’t secure, it will show up as a weak encryption. This can help you see where your business may be using SHA-1 and help you strengthen your security.
What should you do?
Contact your certificate authority about getting a new certificate with a SHA-2 signature. This is particularly important for companies that are using their own server. This impacts anyone who accesses your website.
Here are some additional things you should do to protect your network:
- Update browsers and servers
- Implement all security patches
- Migrate from using SSL to TLS encryption
- Have your network scanned regularly for vulnerabilities
- Restrict access to your servers to prevent social engineering
Chase Palmer is the Senior Program Manager and has been working at SecurityMetrics for seven years. He manages the company’s largest corporate partners in running mass Level 4 PCI DSS programs worldwide. Chase has a Bachelor’s degree in Business Management from Western Governor’s University. He currently lives in Provo, Utah, and he loves everything about motorcycles.