A common form of web encryption has been shattered, but it might be for the best

google announces security features for cloud platform data center servers
Google
When a paper demonstrating the first known SHA-1 collision was published last month, it caused quite a stir among the tech community. SHA-1 is still an extremely popular form of encryption, and breaking it wide open could expose a wealth of sensitive information.

“It’s moved from a theoretical attack, to a provable, real-world attack with proofs of concept that are out there in the wild,” said Brian Hanrahan, product manager as endpoint security specialist Avecto, speaking to Digital Trends on the telephone. “So, the probability of someone out there leveraging a SHA-1 collision attack has increased exponentially, because now there’s code that shows how to do it.”

When Google releases the source code behind its findings, anyone who wanted to force a collision for malicious purposes could use it as a template. That sounds dangerous – but is it really the threat it’s made out to be?

The Collision

“I do think that there’s a lot of panic around this, when there probably oughtn’t be,” said Tod Beardsley, the director of research at security engineering firm Rapid7. “Can criminals run out and use this attack to steal money?  I don’t see an application like that.”

“These collisions in SHA-1 required the attackers to have control of both the ‘good’ data and the ‘bad’ data,” Beardsley explained, referring to the two PDF documents that were forced to ‘collide,’ occupying the same SHA-1 hash. “When you control both, it’s kind of game over if you don’t trust that person.”googles sha 1 research will force necessary upgrades to online security standards info

The paper demonstrated how to cause a collision between two hashes, but both documents were in control of the researchers. In terms of carrying out an attack, this isn’t as useful as being able to force a collision with a hash controlled by someone else.

Beardsley told us of a scenario where someone might want to inject ‘evil code’ into Linux. A SHA-1 collision could be used to do so, but carrying out such an attack would still require impersonation of a trusted user to have control over an iteration of the code. While not impossible, the complexity of the task means it would probably be possible only by the largest and most skilled hacking organizations.

Still, a company like Google wouldn’t invest time and effort into its collaborative research with the Centrum Wiskunde & Informatica for no good reason. Though a widespread attack that uses a SHA-1 collision isn’t necessarily imminent, this is important work that will help push internet security standards forward.

A Nudge in the Right Direction

“We’ve had some time, right?” said Beardsley. “We’ve seen this coming down the road. And this is going be the case for many hashing algorithms. As time goes on, and science gets better, and computers get cheaper, we’re going to find that hashing algorithms will fall over in some cases.”

For the last few years, it’s been clear that SHA-1 was on borrowed time. The companies behind major web browsers like Chrome, Safari, Firefox, and Internet Explorer have already started putting their deprecation plans into action.

“It was around late 2012, early 2013, when all the browser manufacturers got together and said, ‘this is not gonna work anymore, let’s start phasing out certificates that use SHA-1 hashing to validate that the server’s real,’” explained Beardsley. “That all was happening up until December 31 of last year, that’s the point where we were supposed to be all off SHA-1 certificates.”

“People are aggressively moving to SHA-256; Microsoft, Google, all of the major technology companies have been doing that,” said Hanrahan. “I think the impetus that’s going to drive people to do it faster now is that there’s a proven, real-world attack.”

Evidence of the SHA-1 collision, which was published online under the catchy SHAttered moniker to ensure maximum visibility, is of critical importance to the continued effort to transition away from the algorithm. While we’ve known that SHA-1 was theoretically unsafe for some time, it takes more than potential threats to prompt the widespread action necessary to facilitate large-scale deprecation.

The possibility of a SHA-1 collision wasn’t enough to make companies as powerful as Microsoft and Google to enforce the switchover to SHA-2. The paper published last month, which makes it a reality, will hopefully force the issue, as with the source code out in the open, SHA-1 is something of a sitting duck — even if it is unlikely that attackers would choose to abuse its weaknesses over another, easier strategy.

But why would anyone want to keep SHA-1 in place?

Inertia and the Legacy Problem

When I asked Tod Beardsley why it was so difficult to retire hashing technology like SHA-1, he laughed. “It’s kind to say difficult, I think it’s impossible,” he explained. “I still use MD5 for things, and MD5 has been dead forever. When it comes down to it, in most cases, it’s good enough — this will set cryptographers’ teeth on edge, saying things like that, but that’s kind of the reality of those implementations,” said Beardsley. “I think you have a lot of inertia, when something kind of, mostly, works. It kind of still mostly works. That would describe the whole internet: the internet kind of, mostly, works.”

You can’t go back to software houses that are out of business and ask them to generate a SHA-2 hash.

It’s a classic case of ‘if it ain’t broke, don’t fix it,’ except in this case, the thing in question is very old, and would break if it was struck by a strong wind. Still, it’s inconvenient to replace SHA-1 with something else, especially while it’s still in working order. And there’s another reason why SHA-1 won’t be wiped from the face of the earth completely any time soon. It’s used to hash software, which is far more stoic than the living, breathing internet.

“The legacy problem is really what needs to be dealt with,” said Hanrahan. “For software that’s been generated in the past, and for which there’s only a SHA-1 hash, you can generate a SHA-256 hash for those files, or whatever entity you’re trying to identify — but you have to start with a known, trusted source.”

He gives the example of writing and compiling a piece of software on his computer, right now. He could hash it with MD5, SHA-1, or SHA-256, and at that time, he would be certain that the hashes relate specifically to that piece of software. However, if he were to compile the software and send it to another person, they would have no way of verifying what the hash was when he created the software. They could produce a SHA-256 hash, but they would have no way of being completely sure that the software hasn’t been tampered with beforehand.

googles sha 1 research will force necessary upgrades to online security standards info head 01

“You can’t go back in time to software houses that are already out of business and ask them to generate a new SHA-2 hash for software that they created 25 years ago,” he explained.

In most cases, you would likely be safe to assume that the SHA-1 hash is legitimate, and generate a SHA-2 hash for that software. However, now that last month’s paper has outlined a way to force a collision between two SHA-1 hashes, there’s an element of doubt. “Using SHA-1 to verify a binary is no longer considered absolutely precise and perfect,” added Hanrahan.

Evidently, this kind of change in security standards doesn’t come easy. And once SHA-1 has been phased out in favor of SHA-2, what’s to stop the powers that be pushing for a move to SHA-3? Couldn’t this game of catch-up go on indefinitely? No — and we have math to thank for that.

What’s next, and the quantum problem

“With regards to SHA-2, if you think about the enormous computing power that it takes to break a SHA-1 based certificate, it’s not like we’re doubling it to go to SHA-2,” said Hanrahan. “It’s an exponential difference in the amount of computing power that would be required.”

“Quantum computing also, incidentally, breaks all existing cryptography”

SHA-2 is the successor to SHA-1, and consists of six different functions with varying hash values. “It’s not like tomorrow they’re going to turn around and say, ‘oh, we broke SHA-2 now,’ because it’s a computing power problem,” Hanrahan added. “It’s taken basically all the computer power they have to generate one collision for SHA-1, and to show how to do it.”

Outside of vulnerabilities that are being kept secret, it seems that SHA-2 will be sufficient for current hardware. However, when our computers take their next evolutionary step, cryptography must do the same. Quantum computing will change all the rules when it’s practical, according to Beardsley.

“Quantum cryptography tends to favor the secret keeper, rather than the breaker — the cryptoanalyst,” he said. “According to what we know about math today, that seems to be the endpoint. We can’t really see beyond that.”

The advent of the quantum computer will make the upheaval caused by the transition from SHA-1 to SHA-2 look miniscule. “[Quantum computing] also, incidentally, breaks all existing cryptography, but from that point on, things get pretty good for the secret keepers.”

Still, once SHA-1 has been deprecated, SHA-2 should be able to keep things safe and secure until the quantum future arrives. That’s why the research carried out by Google and the Centrum Wiskunde & Informatica is so important. It’s not that SHA-1 is going to used to facilitate an attack imminently, but with a better successor already available, it’s good to encourage companies to use it. That will keep our data safer, and better protect against attacks that would give us real reason to panic.

Gaming

New ‘Battlefield V’ patch gives Nvidia’s ray tracing support a chance to shine

‘Battlefield V’ is the first game to use Nvidia’s ray tracing support, now available with the RTX 2080 and 2080 Ti graphics cards. The feature can, in an ideal scenario, make the game look better, but the performance hit may not be…
Movies & TV

'Stranger Things' season 3 teaser reveals the new episodes' titles

With a sophomore season as strong as its first, Stranger Things is now moving on to season 3. Here's everything we've learned so far about the Netflix series' upcoming third season.
Mobile

Google to end support for Android devices running Ice Cream Sandwich

Anyone with an old phone that is still running Android 4.0 may want to look into upgrading their phone, as Google has announced that it will be ending support for this older version of Android.
Computing

Changing file associations in Windows 10 is quick and easy with these steps

Learning how to change file associations can make editing certain file types much quicker than manually selecting your preferred application every time you open them. Just follow these short steps and you'll be on your way in no time.
Computing

Intel's dedicated GPU is not far off -- here's what we know

Did you hear? Intel is working on a dedicated graphics card. It's called Arctic Sound and though we don't know a lot about it, we know that Intel has some ex-AMD Radeon graphics engineers developing it.
Computing

Edit, sign, append, and save with six of the best PDF editors

There are plenty of PDF editors to be had online, and though the selection is robust, finding a solid solution with the tools you need can be tough. Here, we've rounded up best PDF editors, so you can edit no matter your budget or OS.
Computing

How to easily record your laptop screen with apps you already have

Learning how to record your computer screen shouldn't be a challenge. Lucky for you, our comprehensive guide lays out how to do so using a host of methods, including both free and premium utilities, in both MacOS and Windows 10.
Computing

From beautiful to downright weird, check out these great dual monitor wallpapers

Multitasking with two monitors doesn't necessarily mean you need to split your screens with two separate wallpapers. From beautiful to downright weird, here are our top sites for finding the best dual monitor wallpapers for you.
Computing

Capture screenshots with print screen and a few alternative methods

Capturing a screenshot of your desktop is easier than you might think, and it's the kind of thing you'll probably need to know. Here's how to perform the important function in just a few, easy steps.
Computing

These cheap laptops will make you wonder why anyone spends more

Looking for a budget notebook for school, work, or play? The best budget laptops, including our top pick -- the Asus ZenBook UX331UA -- will get the job done without digging too deeply into your pockets.
Mobile

Vanquish lag for good with the best routers for gaming

Finding the best routers for gaming is no easy task. With so many out there, how do you know which to pick? We've looked at the many options available and put together a list of our lag-free favorites.
Computing

Stop your PC's vow of silence with these tips on how to fix audio problems

Sound problems got you down? Don't worry, with a few tweaks and tricks we'll get your sound card functioning as it should, and you listening to your favorite tunes and in-game audio in no time.
Product Review

It's not the sharpest tool, but the Surface Go does it all for $400

Microsoft has launched the $400 Surface Go to take on both the iPad and Chromebooks, all without compromising its core focus on productivity. Does it work as both a tablet and a PC?
Deals

These Raspberry Pi 3 bundles will cover everyone, from coders to gamers

The Raspberry Pi 3 is a low-budget computing platform capable of doing just about anything. We rounded up a handful of the best Raspberry Pi 3 bundles to get you started on a variety of DIY projects.