Security of the SHA Family of Hash Functions
Good article on the insecurity of SHA-1 and the need to replace it sooner rather than later.
Posted on September 15, 2014 at 9:26 AM
Forcing transition to SHA-2 is good. But around the edges, there are some very disturbing discussions.
Short-lived certs with 2-3 day expiration mean any SSL website can be removed from the internet within 2-3 days by the CA cartel. Consider if a politically inconvenient website has a physical server in the freedom-loving Elbonia, and is widely known by a hostname in the Elbonian ccTLD. But no CA "trusted" by all major browsers does business only in Elbonia. Revocation lists are not always checked, but expiration time is.
The key word is identity; the key issue is control of identity as a strategic matter. Very convenient confusion results from too much focus on tactical matters with obvious solutions such as hash algo, online key rotation, etc. (while major players ignore or drag their feet on the best solutions).
Smart people here, please fill in the blanks. (I may put up a longer post... but I do not like long posts.) Smart people also mentioned how it doesn't matter to "certify" with a CRC32, when TLAs and criminals (redundant term) can so easily get a "valid" cert trusted by some trust root in major browsers' CA bundle. Now take it to the next level!
@Dave, hah. I honestly skimmed past your post before putting up mine. I thought I had the best illustrative hyperbole with CRC32. Cheers!
This message has a hidden signature using multiple very strong hashes (but my ownership of the key is "certified" by the NSA, via its human asset or compromised computer in a basement-operation CA reseller somewhere-in-the-world).
Sorry all for double post. I blame the NSA.