Microsoft to phase out support for certificates using SHA-1 hashes

Microsoft plans to start phasing out support for the SHA-1 hashing algorithm at the beginning of 2016. Windows software that is signed with a certificate, and websites in Internet Explorer and Chrome, will then only be trusted with a SHA-2 hash.

Although 98 percent of SSL certificates use the SHA-1 hashing algorithm, according to Microsoft, the company has decided to announce the algorithm's retirement already. According to Microsoft, the algorithm is well on the way to becoming just as obsolete as the MD5 algorithm. Although, as far as is known, no successful exploits for SHA-1 exist, vulnerabilities were found in 2005, and in 2010 the U.S. government was, in many cases, required to switch over to the safer, but not yet widely implemented, SHA-2.

Certificate authorities must stop issuing certificates that use SHA-1 by 1 January 2016, according to Microsoft. This applies to certificates used for SSL/TLS and for signing software that runs on Windows. Existing SSL certificates with SHA-1 will no longer be supported after 1 January 2017; this has consequences for users of Internet Explorer and Chrome. Firefox has its own certificate database. Certificates for signing software will, after 1 January 2016, only be accepted if they had already been issued, until Microsoft decides that the SHA-1 algorithm has been cracked.

From now on, all certificates should be issued with the more secure SHA-2 algorithm, according to Microsoft. That has consequences for users of old software: Service Pack 2 of Windows XP and earlier Windows versions do not support SHA-2. Incidentally, Microsoft will re-evaluate the situation in 2015 and determine whether the phase-out continues.

SHA-1 is a hashing algorithm that is used to verify the integrity of a message. It can be used in SSL/TLS. SHA-1 is not responsible for encrypting the message: the algorithm is only used to ensure that the message has not been tampered with. That is important because, for example, secure internet banking is not only about encryption: it must also be possible to check that nobody is tapping the connection and then re-encrypting it. Without hashing algorithms, connections are encrypted, but confidentiality on the internet is not guaranteed.

A hashing algorithm is obsolete when hash collisions can be abused: that is the case when multiple messages have the same hash. If an attacker manages to manipulate a message in such a way that the hash is still correct, despite the fact that the message has been manipulated, the integrity of the message is no longer guaranteed. There is still no known practical attack on SHA-1, but research into vulnerabilities in SHA-1 is increasing: last year the Dutch cryptography expert Marc Stevens of CWI managed to develop an improved theoretical attack on SHA-1.

“There are attacks possible that are just out of reach for researchers now, but that large states or administrators of botnets can achieve,” Stevens told Tweakers. According to him, attacks on SHA-1 are more costly than attacks on MD5, because they require more computational effort, but as computing power grows, so does the risk. He is therefore glad that SHA-1 will be phased out, but Stevens fears that doing so only in 2016 is perhaps a bit late. “I’m afraid we’re running a bit behind the facts,” says Stevens, as already happened with MD5: that algorithm was still being used after specific attacks. Stevens has released a tool that can be used to verify whether a hash has been tampered with.

Incidentally, Microsoft is at the same time warning websites and businesses to stop using the RC4 encryption algorithm in SSL/TLS certificates. A safer choice is AES-GCM, according to Microsoft. RC4 dates back to 1987, but it has long been clear that the algorithm's random number generator does not work properly.