Fearing the loss of Internet users in some of the world’s poorest and most oppressed regions, technology providers Facebook and CloudFlare are calling for a gentler shift to a new Web encryption standard that will protect everything from social media websites to online transactions.
Beginning on January 1, browsers will begin phasing out what’s known as the SHA-1 algorithm, with the goal of replacing it with its successor, SHA-2, by 2017. Facebook and CloudFlare, which provides security and speedy connections for Web pages, would like to allow users with SHA-2-incompatible devices to continue using SHA-1, while still sunsetting SHA-1 for the rest of the world.
When Internet users browse an encrypted website, the two-way exchange of information is protected in part by an encryption tool called a hash function. These algorithms turn any message into a unique jumble of letters and numbers that assures the information came from the right source. If you see “https” in your URL, the website you are visiting may use SHA-1. It’s these sites that will begin to be blocked from a small population of Web users later this week.
Since the mid-1990s, two hash functions have been the primary protectors of consumers’ browsers. As computing power drops in cost, the ease with which the tools can be cracked has grown. The second one, called the MD5 algorithm, was retired in 2008 after researchers exposed serious security flaws. The cost to spoof an SHA-1 hash function today is estimated to be around $100,000—a number that will continue to drop.
“People have sort of said, ‘Hey we’ve seen this movie before,’ and we know what is potentially coming and the risk is getting higher and higher,” CloudFlare CEO Matthew Prince says.
The most effective solution is to replace SHA-1 with the more sophisticated SHA-2. But while MD5 and SHA-1 have been compatible with consumer devices from the start, SHA-2 was released in 2001. People with old devices—predominantly low-cost feature phones used in developing nations in Asia and Africa—could be cut off from access to encrypted websites and not have the resources to upgrade. CloudFlare estimates 6.08 percent of browsers in China do not have support for SHA-2. In Syria, it’s 3.63 percent.
Richard Barnes, the head of Firefox security at Mozilla, says the company has found only 3 percent of Web traffic warrants using SHA-1.
“Interrupting these users’ experiences is actually good for the Web,” Barnes says. “Using old software is dangerous; in addition to requiring broken cryptography, old software usually has other security problems that have been fixed in more current versions.”
If there is any reason to continue supporting SHA-1, it’s so users have time to download new software that supports the upgrade, Barnes says. Firefox actually switched off SHA-1 support last year, but then reinstated it after noticing a huge drop in Firefox downloads. People with older browsers couldn’t connect to mozilla.org to download the new SHA-2 compatible software.
As computing costs continue to drop, SHA-2 will eventually become weak and necessary to replace. Many current devices do not support SHA-3. Technology like quantum computing could suddenly make the whole line of algorithms instantly breakable.
“This is an exercise that we’re going to have to go through time and time and time again,” Prince says. “Putting in place a mechanism to responsibly support the past while migrating to the future is a good thing and will make that migration much easier.”