Tuesday 20 October 2015

Nearly One Million Websites With "Unsafe" SHA-1 Algorithm


Recently demonstrated researchers that it is much cheaper to attack SSL certificates with the SHA-1 algorithm than previously thought. The Centre for Mathematics and Computer Science (CWI) in Amsterdam pleaded therefore for the SHA-1 algorithm rather to phase out.

Google Chrome sees SSL certificates with the SHA-1 algorithm already unsafe. Research by internet company Netcraft shows that there are still nearly one million SSL certificates with this sensitive algorithm in use. The number of certificates is expected to decline from 2016. The CA / Browser Forum, a consortium of certificate authorities, the parties who issue SSL certificates, then do not allow new certificates with the SHA-1 algorithm.

Although SHA-1 by Google Chrome is now as weak or insecure is seen this year still spent more than 120,000 SHA-1 certificates. Some of these certificates are valid until 2020, but will need to be replaced sooner. From 2017 all browsers will display these certificates namely unsafe.

No comments:

Post a Comment