SSL certificates that use the SHA-1 hash algorithm for their signature are expected to be rejected by major browsers over the course of 2016, but Facebook and CloudFlare are calling for a delayed sunset of the cryptographic hash algorithm.
According to CloudFlare’s Matthew Prince, while the move to a more secure standard is welcomed, the death of SHA-1 is expected to result in many users being unable to access websites that still use the algorithm. He notes that SHA-2 support is limited and that millions of users will be cut off from websites they are accessing daily.
Researchers have been finding flaws in SHA-1 since 2005, over ten years ago, and the use of this algorithm has been deprecated since 2011, with the industry urged to move to the more secure SHA-2. Starting January 1, 2016, most Certificate Authorities won’t issue new SHA-1 certificates, while the move from the insecure standard is expected to be completed by January 1, 2017.
Prince notes that desktop computers running versions of Windows XP older than Service Pack 3 and pre-Gingerbread Android devices don’t support SHA-2, and that many of them are still in use today. Data gathered from CloudFlare’s network revealed that 1.69 percent of the browser connections require SHA-1, which translates into roughly 37 million people still using devices that lack support for the new standard.
“That’s the equivalent of the population of California not having access to encryption unless they upgrade their devices. As SHA-2 only sites proliferate, if these users on SHA-1-only browsers try and access an encrypted site, they’ll see an error page that completely blocks their access,” Prince explained.
He also notes that, while over 99 percent of browsers used in North America include SHA-2 support, things are different in other areas of the world. In China, for example, 6.08 percent of browsers lack SHA-2 support, as do 5.39 percent in Cameroon, 5.25 percent in Yemen, 4.69 percent in Sudan, and 4.85 percent in Egypt.
A list of the 25 countries with the lowest SHA-2 support, cross-checked with data from large Internet providers who had conducted similar surveys, shows they represent the poorest, most repressive, and most war-torn countries in the world. Basically, already vulnerable people who might need encrypted Internet the most will be cut off from multiple websites as soon as SHA-1 sunsets.
To avoid this situation, CloudFlare proposes that SHA-2 signed certificates be served for modern browsers, and that websites fall back to SHA-1 certificates for browsers that cannot support the new algorithm. “That ensures modern browsers can deprecate SHA-1 but we can continue to support users in the developing world on legacy devices,” Prince says.
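The article does not say how a server decides which certificate a given client can handle. As an added example (not CloudFlare's code), the sketch below assumes the signal is the TLS 1.2 `signature_algorithms` extension from the ClientHello (RFC 5246); the function names and sample bytes are constructed for illustration.

```python
import struct
from typing import List, Optional, Tuple

# TLS 1.2 HashAlgorithm / SignatureAlgorithm code points (RFC 5246, 7.4.1.4.1)
SHA1, SHA256, SHA384, SHA512 = 2, 4, 5, 6
RSA, ECDSA = 1, 3
SHA2_HASHES = {SHA256, SHA384, SHA512}


def parse_signature_algorithms(ext_data: bytes) -> List[Tuple[int, int]]:
    """Parse the body of a signature_algorithms extension into (hash, sig) pairs."""
    if len(ext_data) < 2:
        raise ValueError("extension too short for its length field")
    (list_len,) = struct.unpack("!H", ext_data[:2])
    body = ext_data[2:]
    if list_len != len(body) or list_len == 0 or list_len % 2:
        raise ValueError("malformed signature_algorithms list")
    return [(body[i], body[i + 1]) for i in range(0, list_len, 2)]


def choose_chain(ext_data: Optional[bytes], key_type: int = RSA) -> str:
    """Return "sha2" or "sha1": which certificate chain to present.

    ext_data is None when the ClientHello carried no signature_algorithms
    extension; RFC 5246 tells the server to assume SHA-1 in that case.
    key_type is the signature algorithm of the server's own key.
    """
    if ext_data is None:
        return "sha1"
    pairs = parse_signature_algorithms(ext_data)
    # Serve the SHA-2 chain only if the client lists a SHA-2 hash paired
    # with the signature algorithm our certificate actually uses.
    if any(h in SHA2_HASHES and s == key_type for h, s in pairs):
        return "sha2"
    return "sha1"


# Constructed sample extension bodies (not captured traffic).
MODERN = bytes.fromhex("0006" "0401" "0501" "0201")    # sha256/rsa, sha384/rsa, sha1/rsa
LEGACY = bytes.fromhex("0002" "0201")                   # sha1/rsa only
ECDSA_ONLY_SHA2 = bytes.fromhex("0004" "0403" "0201")   # sha256/ecdsa, sha1/rsa

if __name__ == "__main__":
    for name, ext in [("modern", MODERN), ("legacy", LEGACY), ("no extension", None)]:
        print(f"{name:13s} -> {choose_chain(ext)}")
```

A malformed extension raises `ValueError` rather than silently selecting the SHA-1 chain, so a garbled ClientHello cannot be used to force the weaker certificate.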
The company has already made the first step in this direction, providing all paid CloudFlare customers with support for SHA-1 fallback. Business and Enterprise customers can disable the fallback from the Crypto Application in the CloudFlare control panel, and Pro customers will be able to do the same before year’s end.
Other companies around the world are also supporting SHA-1 fallback, including Alibaba and Facebook, along with other website owners in China, Russia, and other countries. According to Prince, the company this week added 4,000 sites of the top 100,000 to the list of non-CloudFlare sites that support SHA-1 fallback.
CloudFlare has been working with Mozilla, the maker of the Firefox browser, on the development of their SHA-1 fallback feature, and the company plans on making the algorithm open source next year, to allow more sites to properly support SHA-1 fallback. Modern browsers should continue to remove support for SHA-1 certificates, but the industry should adopt SHA-1 fallback in a responsible manner, by patching any vulnerabilities that could lead to attacks and compromise.