Expert Comments

SHA-1 Attacks On Upswing – Expert Comments

Expert(s): Security Experts
Expert(s): Security Experts

According to new research, attacks on the SHA-1 hashing algorithm just got a lot more dangerous with the discovery of a cheaper, more practical version of SHA-1 collision attacks. Hashing algorithms are used to compute the keys used in public key encryption which is essential to the security of nearly every web transaction.

Although the industry has been trying to move away from SHA-1 for years, Venafi has found more than 6 million SHA-1 certificates still in use on public facing websites.

Experts Comments

Dot Your Expert Comments
Hari Nair
January 10, 2020
Director of Product Management
Venafi

Quantum computing promises even more disruption in the future.
SHA-1 usage is one more indication that most organization aren’t putting enough emphasis on protecting the keys and certificates that serve as machine identities: SHA-1 was first tagged as weak and vulnerable back in 2005. As of January 2015, public certificate authorities were forbidden from issuing SHA-1 certs that expired after December 2016. Since 2017, the most popular web browsers have been preventing and discouraging SHA-1 use by warning users/consumers of ‘invalid.....Read More
SHA-1 usage is one more indication that most organization aren’t putting enough emphasis on protecting the keys and certificates that serve as machine identities: SHA-1 was first tagged as weak and vulnerable back in 2005. As of January 2015, public certificate authorities were forbidden from issuing SHA-1 certs that expired after December 2016. Since 2017, the most popular web browsers have been preventing and discouraging SHA-1 use by warning users/consumers of ‘invalid certificates.’ Despite all of these efforts, we still see SHA-1 certificates deployed. The main reasons are because there are apps that still cannot support newer or stronger algorithms. In other cases, like IoT or edge-computing, resource constraints prevent the use of stronger cryptography. This new research is a reminder that this issue is not going to go away. As long as computing power continues to grow exponentially, algorithms will weaken and decay over time, this is a given. Quantum computing promises even more disruption in the future.  Read Less

Dot Your Expert Comments


Only for registered and approved experts. Please register before providing comments. Register here
* By using this form you agree with the storage and handling of your data by this web site.
Submit
0
FacebookTwitterLinkedinWhatsappEmail

You may also like

Qualys Hit With Ransomware And Customer Invoices Leaked

Experts Reaction On PrismHR Hit By Ransomware Attack

Expert Insight On Ryuk’s Revenge: Infamous Ransomware Is Back And...

ObliqueRAT Trojan Lurks On Compromised Websites – Experts Comments

Microsoft Multiple 0-Day Attack – Tenable Comment

Experts Reaction On Malaysia Airlines 9 Years Old Data Breach

IoT Security In The Spotlight, As Research Highlights Alexa Security...

Oxfam Australia Confirms ‘Supporter’ Data Accessed In Cyber Attack

Expert Reaction On Solarwinds Blames Intern For Weak Passwords

Expert Reaction On Go Is Becoming The Language Of Choice...