Menu

Search

GlobalSCAPE Knowledge Base


Deprecation of SHA-1 Hashing Algorithm in 2017


kmarsh
EFT Express (SMB) & Enterprise

THE INFORMATION IN THIS ARTICLE APPLIES TO:

  • EFT, all versions

DISCUSSION

According to a Google blog post1:

The SHA-1 cryptographic hash algorithm has been known to be considerably weaker than it was designed to be since at least 2005 — 9 years ago. Collision attacks against SHA-1 are too affordable for us to consider it safe for the public web PKI. We can only expect that attacks will get cheaper.

SHA-1's use on the Internet has been deprecated since 2011, when the CA/Browser Forum, an industry group of leading web browsers and certificate authorities (CAs) working together to establish basic security requirements for SSL certificates, published their Baseline Requirements for SSL. These Requirements recommended that all CAs transition away from SHA-1 as soon as possible, and followed similar events in other industries and sectors, such as NIST deprecating SHA-1 for government use in 2010. 

Support for SHA1 based SSL certificates will be dropped by Microsoft/Windows in 2017.

  • Windows will no longer trust certificates signed with SHA-1 after 2/14/2017

“Server-Authentication Certificates: In summer 2016, Internet Explorer and Edge stopped showing the lock icon on web pages secured with SHA-1 certificates. Effective February 14, 2017, Windows will no longer trust certificates signed with SHA-1.”2

References:

  1. https://security.googleblog.com/2014/09/gradually-sunsetting-sha-1.html
  2. http://social.technet.microsoft.com/wiki/contents/articles/32288.windows-enforcement-of-authenticode-code-signing-and-timestamping.aspx

You can find more information at the following web pages:


Also In This Category


On a scale of 1-5, please rate the helpfulness of this article


Not Helpful
Very Helpful
Optionally provide private feedback to help us improve this article...

Thank you for your feedback!


Comments require login or registration.

Details
Last Modified: 3 Years Ago
Last Modified By: kmarsh
Type: INFO
Article not rated yet.
Article has been viewed 121 times.
Options