Microsoft Extends SHA-2, TLS Support for Windows

Microsoft announced that it has extended support for SHA-2 and TLS in supported versions of Windows.

One by one, tech companies have been tossing aside the SHA-1 cryptographic algorithm like the unreliable collision-prone mess that it is.

Microsoft was among the first to steer its customers away from SHA-1 and established an internal edict that its developers would no longer use it for code-signing or its certificates after January 2016.

Yesterday, among the flurry of its Patch Tuesday security bulletins, Microsoft took another important step when it issued a pair of security advisories. One notified users that it had made the SHA-2 algorithm available for Windows 7 and Windows Server 2008 R2. The other was an update for Microsoft EAP implementations that enables the use of Transport Layer Security (TLS) 1.1 or 1.2.

SHA-1 collisions have been theoretically possible for years. A collision occurs when two different inputs produce the same hash, which would let an attacker generate a certificate with the same signature as the original cert. Though mathematically possible, a collision attack, even against a weakened SHA-1, would take significant hardware resources to execute.

That gap, however, is narrowing. In 2012, Bruce Schneier published research in which he concluded that collisions would be within reach of most hackers by 2018. Citing calculations done by Jesse Walker based on the cost of commodity microprocessors and evidence that Moore’s law will extend another decade, Schneier put server-cycle costs at around $173,000 on Amazon, well within reach of a funded attacker such as an organized crime group or nation state.

The use of fraudulent certificates would allow an advanced attacker such as a nation state to pose as Microsoft, Google or any site of their choosing, putting web traffic and personal communication at risk. Google, and most recently Mozilla, have announced their road maps for SHA-1 deprecation. Beginning with an upcoming Chrome release in November, Google’s browser will no longer trust websites whose certificate chains rely on SHA-1. Mozilla, meanwhile, asked Certificate Authorities and websites to upgrade to cryptographically stronger versions of the algorithm and said it would no longer trust SHA-1 certs after Jan. 1, 2017.

Microsoft’s decision to make SHA-2 available for Windows 7 means that it joins Windows 8 and 8.1, Windows Server 2012 and 2012 R2, and Windows RT and RT 8.1 as Windows versions that already support SHA-2. Windows 8 and higher support it by default and do not require an update, Microsoft said, adding that the update is not available for Windows Server 2003, Windows Vista, or Windows Server 2008.

Microsoft’s decision to enable TLS for EAP implementations continues its push to encrypt its web-based services. In July, Microsoft announced that its webmail service Outlook.com supports TLS encryption inbound and outbound, in addition to Perfect Forward Secrecy. OneDrive cloud storage also enabled Perfect Forward Secrecy in July, Microsoft said. PFS randomizes private encryption keys, meaning that if a key is someday compromised, it cannot be used to decrypt old messages.

EAP, or Extensible Authentication Protocol, is the authentication framework used in Windows client and server rollouts. Windows 7, Windows Server 2008 R2, Windows 8, Windows 8.1, Windows Server 2012, and Windows RT are enabled through the update to support TLS via a simple registry modification, Microsoft said. A hacker who is able to exploit an older version of TLS could carry out a man-in-the-middle attack, hijack traffic and steal information in plaintext from sessions thought to be encrypted.

This article was updated Oct. 16 clarifying that SHA-2 is available only for Windows 7 and up, and earlier supported versions of Windows will not support SHA-2.

Discussion

  • Ryan Ries on

    I stopped reading at " ... the unreliable collision-prone mess that it is." How many actual SHA-1 collisions have been seen in the real world?
  • jeanna barrowstone on

    I received a call 10/27/2014 that indicated it was a three layered VoIP via Las Vegas. I seem to be able to receive phone calls but apparently I am walled in. Urls are grayed out. Twitter-Tumbler all have simple bright blue and white format- cannot get to ANY online accounts. The Vegas call went to voice mail. No message. My TTY has ACTIVATED! WAS THAT The Calvary? The two men on horseback yesterday 10/27/14. Paying way more attention than people out here when I was bringing in laundry... Should I be ALERT? *My Direct TV was interrupted by an emergency alert test for Los Angeles County. I am nowhere near California. Was that YALL? I searched Emergency Alert L.A. County and was directed to a download for Hopper and Dish. I believe another forced entry took place. YALL? I looked into who set up Apache! I had thought that open source was under attack...maybe it is a native uprising... 'Cynthia Ann Parker seeks Nacona or Quanah Parker'
  • jeanna barrowstone on

    I cannot get onto twitter. There are two different twit feeds it seems. #kaperskygss #Kapershygss !!!NOTICE CAPS!!!
  • jeanna barrowstone on

    This is the url that seems near normal even the '://' and '/' in my address bar are grayed out.