Now that SHA-1 has been broken it’s time for enterprises that have ignored its potential weakness for years to finally act, and it’s not that hard.
The most common use of the hash function is in securing SSL and TLS connections, and to get rid of SHA-1 in that use is to utilize browsers and servers that don’t support it. Depending on the size of an organization, this isn’t onerous, says Paul Ducklin, a senior security advisor at Sophos. (See his excellent description of the problem with SHA-1 and other hashing algorithms.)
+More on Network World: Cisco deepens enterprise network virtualization, security detection of DNA suite+
Upgrading these SHA-1 certificates ought to be a housekeeping activity. “It shouldn’t be that difficult,” Ducklin says. “It should be part of your operational DNA.”
But the fact is that it hasn’t been, despite warnings from seven years ago that SHA-1 was susceptible to attacks, at least theoretically.
SHA-1 may be lurking in less common places, says David Maxwell, CSO at InfoSec Global, an adaptive cryptography firm. It is embedded in many software programs. Applications typically call on crypto libraries to access hashing functions that the applications specify, so changing which function to use can involve a lot of work.
+More on Network World: Ransomware 'customer support' chat reveals criminals' ruthlessness+
Content management systems and code-revision systems may use SHA-1 as well, as a means to identify files and to ensure they haven’t been tampered with, Ducklin says. If these systems are bought from third parties, businesses should ask the vendors whether they employ SHA-1 and when they are going to fix it.
There’s no way to make it easier to swap in a different hash function in legacy applications, says Maxwell, but it is possible to write an easier method into new code using what he calls crypto-agility.
That’s writing applications so that when they call for hash functions they do so from a discrete module software that can be altered relatively simply. So when the app calls on the library, it seeks a list of all the hashes available and then chooses the appropriate one. Which it selects can be quickly changed, he says.
The reason to use crypto-agility is that as hashes get better, the math and machines needed to crack them also improve, he says. “It would have been great if you’d done it yesterday,” Maxwell says, to avoid having to throw a lot of effort into upgrading now. “If you scramble today, wouldn’t you rather not have to scramble next time?”
Since the successful attack on SHA-1 required the massive computing capabilities of Google, it’s likely only those with vast resources will be using this attack anytime soon, Ducklin says. So even though it’s proven to be exploitable, as a practical matter attacks against SHA-1 are very unlikely anytime soon.
“You can kind of do nothing and get away with it,” he says, but you shouldn’t.