The home stretch for SHA-1 deprecation is in full effect with Google on Wednesday announcing its final deprecation deadlines for the Chrome browser, and a cryptographic services provider warning that there’s still a long way to go to get sites off SHA-1 certificates.
Google said it will remove its support for SHA-1 certificates in Chrome 56, which is scheduled to be released at the end of January. Mozilla and Microsoft have already announced similar deprecation cutoff dates for early next year.
Venafi, which offers enterprises a number of crypto-related services and solutions, said today that 35 percent of websites are still using SHA-1 certificates, which have been considered weak for more than a decade and susceptible to collision attacks that allow attackers to spoof websites and steal data.
By early next year as browsers begin dropping support for SHA-1, they will begin dropping warnings onto users’ browsers that a site is considered unsafe.
“There’s still a lot of work to be done. Large businesses are coming to us that either have not started yet, or have tried to start and did not make great progress,” said Venafi vice president of security strategy Kevin Bocek. Bocek said clients are comparing the process of migrating away from SHA-1 to SHA256 or other safer algorithms to an unpleasant visit to the dentist. “Much of it is that teams just don’t know where to start.”
Google, meanwhile, made an additional provision in its announcement yesterday in that it will distinguish between certificates chained to a public Certificate Authority and those chained to local CAs.
“We recognize there might be rare cases where an enterprise wishes to make their own risk management decision to continue using SHA-1 certificates,” said Andrew Whalley of the Chrome security team.
With Chrome 54 currently available, site administrators may deploy the EnableSha1ForLocalAnchors policy, Google said. This policy deems that certs chained to local trust anchors may still be used after support has been removed in Chrome.
“Features which require a secure origin, such as geolocation, will continue to work, however pages will be displayed as ‘neutral, lacking security.’ Without this policy set, SHA-1 certificates that chain to locally installed roots will not be trusted starting with Chrome 57, which will be released to the stable channel in March 2017,” Whalley said. “Note that even without the policy set, SHA-1 client certificates will still be presented to websites requesting client authentication.”
Whalley was clear that the provisional policy allows admins additional time to migrate those certificates away from SHA-1. It will be in place until Jan. 1, 2019.
“As Chrome makes use of certificate validation libraries provided by the host OS when possible, this option will have no effect if the underlying cryptographic library disables support for SHA-1 certificates; at that point, they will be unconditionally blocked,” Whalley said. “We may also remove support before 2019 if there is a serious cryptographic break of SHA-1.”
Venafi, meanwhile, said that organizations of all sizes are struggling with SHA-1 migrations. Yet most have known about weaknesses in the algorithm since 2006. “For better or worse, problems related to encryption or certificates are probably the least understood and the hardest to understand,” Bocek said. “You see lots of training for firewall management, patch management, endpoint protection. Show me a queue for the orchestration of TLS. It’s definitely a skills challenge.”