At least 21 percent of all public websites are using insecure SHA-1 certificates – past the migration deadline and after Google researchers demonstrated a real-world collision attack. And this is without taking into account private or closed networks that also might be using the hash.
Security vendor Venafi actively captures and identifies digital certificates through public scanning and data from third parties, and the company says this means it has the largest database of digital certificates in the world.
SHA-1 – Secure Hash Algorithm – was once considered one of the more secure hashes but for years now most of the biggest internet companies, including Microsoft, Google, and Apple have urged migrating to SHA-2 or SHA-3.
Microsoft shifted the deadline to February this year, and SHA-1 will now be treated as an untrusted certificate.
Delaying an upgrade will expose organisations to attacks, and practically speaking, browsers will begin to display warnings on websites that have not shifted on from SHA-1, and the HTTPS notice will not appear as secure in the address bar. Websites could also suffer from slowdowns or performance problems or be blocked entirely.
"This is really the tip of the iceberg," Kevin Bocek, chief security strategist for Venafi, tells Computerworld UK. "If you look behind the firewall on closed, non-public networks you’re going to find even more – we still even find the MD5 certificates on closed networks, and that’s the predecessor to SHA-1."
In February a team of researchers from Google and the CWI Institute in Amsterdam demonstrated a successful collision attack on SHA-1 – a way to break open the cryptographic with two files that produce the same hash. Google goes into further detail on its security blog.
Although cracking the hash was the product of two years of research and considerable resources, now that it has been proven to be possible it won’t be long before attacks appear in the wild. A successful collision attack could be used to fake certificates that seem legitimate or conduct man in the middle attacks on SSL/TLS connections.
Venafi checked the digital certificates of 33 million publicly visible IPv4 websites using its TrustNet product and found that at least one in five unique IP addresses are still using SHA-1.
Bocek says that the infamous Heartbleed attack – which played on a flaw in OpenSSL, one of the most widely used encryption tools at the time – showed that while organisations were better at patching, they were still slow on cryptography.
"We’ve got pretty good at patching but having agility in cryptography? We’re not very good," he says. “We don’t have the skills, we don’t have the automation in place, let alone the visibility. Heartbleed showed we really don’t have the processes in place."
Bocek recommends that organisations that have not replaced their SHA-1 certificates map out their full business networks.
"You need to understand not only your public-facing website, but also your private networks," he says. “We use so much of the cloud and business is so distributed that you need to have an understanding of what is associated with your business."
"Often, organisations are shocked by the number of websites, servers, and then the corresponding digital certificates – IT security had no idea about it."
Organisations should then replace and then validate these replacement certificates – preferably aided by automation to hasten the process. "The third step is tracking to success," says Bocek. "It’s one thing to get some of them done – but you need to report to the business, to the board that this is done."
"This is a vulnerability we’ve known about – we knew the deadline was coming for SHA-1 and that it needs to be replaced, and generally we had an idea when a collision would occur."