Both companies are calling for a change to how a web browser will handle SHA-1 once it is retired.
SHA-1’s retirement was a long time coming: In recent years, the algorithm has proven to be less secure than previously thought.
When a key security algorithm ceases being used, web browsing will get considerably more risky for countless individuals, warns Facebook. SHA-1 is used in a lot of security measures as a guarantee of identity and to hide what people do online.
This opinion is also shared by Alex Stamos, Facebook’s Chief Security Officer. Stamos says between 3 and 7 percent of browsers in use can’t handle SHA-256, and since these are disproportionately in developing countries, “the likely outcome in those counties will be a serious backslide in the deployment of HTTPS”.
In 2012, renowned cryptographer Bruce Schneier estimated that a practical attack against SHA-1 would cost $700,000 using commercial cloud computing services by 2015 and $173,000 by 2018, putting it well within the reach of criminal syndicates.
“Unfortunately, this list largely overlaps with lists of the poorest, most repressive, and most war-torn countries in the world”, the company wrote. SHA-1 (Secure Hash Algorithm 1) is a function designed by the NSA and is a U.S. Federal Information Processing Standard.
According to CloudFlare’s data, the top ten countries with the lowest support for SHA-2 are: China (6.08%), Cameroon (5.39%), Yemen (5.25%), Sudan (4.69%), Egypt (4.85%), Libya (4.83%), Ivory Coast (4.67%), Nepal (4.52%), Ghana (4.42%) and Nigeria (4.32%).
“In other words, after December 31st most of the encrypted web will be cut off from the most vulnerable populations of Internet users who need encryption the most”, the CloudFlare researchers said. “The CA/Browser Forum should create a new type of Legacy Verified certificate that should only be issued to organizations that have demonstrated they are offering SHA-256 certificates to modern browsers”, proposed Alex Stamos.
This allows browser vendors to continue with their plan to cut off support for SHA-1 certificates next year while allowing websites to serve users with old devices that are unlikely to ever be updated.
The company has also published the code it uses for certificate switching here, as part of its Proxygen HTTP library. CloudFlare, which runs a content delivery network to optimize and protect its customers’ websites, has enabled automatic SHA-1 fallback for its paying users.
Other browsers are mirroring Google and, over the course of 2016, will begin issuing warnings and eventually completely distrust connections to sites using SHA-1 signed certs.