Microsoft announces retirement of SHA-1
Posted on 14 November 2013.
Along with the standard security advisories released on this month’s Patch Tuesday, Microsoft has also released a few that announce the company’s intention to deprecate the SHA-1 algorithm and avoid the RC4 cryptographic cipher.

“Microsoft is recommending that customers and CA’s stop using SHA-1 for cryptographic applications, including use in SSL/TLS and code signing,” they explained, adding that the company will stop recognizing the validity of SHA1-based code signing certificates after 1 January 2016 and that of SHA-1-based SSL certificates after 1 January 2017.

Microsoft is trying to avoid a repeat of the Flame incident, in which the malware's authors performed a collision attack against the MD5 algorithm, forged Microsoft digital signatures and used them to impersonate Microsoft servers. As with MD5 before it, researchers have shown on several occasions that SHA-1 is susceptible to collision attacks, and this time the company has decided to act rather than react.

“US NIST Guidance has counseled that SHA-1 should not be trusted past January 2014 for the higher level of assurance communications over the US Federal Bridge PKI. Common practice however has been to continue to issue SHA-1-based certificates, and today SHA-1 certificates account for over 98% of certificates issued worldwide,” they explained. “Recent advances in cryptographic attacks upon SHA-1 lead us to the observation that industry cannot abide continued issuance of SHA-1, but must instead transition to SHA-2 certificates.”

The company has also issued a policy deprecating the algorithm for Certificate Authorities that are members of the Windows Root Certificate Program, but has said that the deprecation deadlines will be reconsidered in 2015.
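A practical first step for an operator is to inventory which certificates are still signed with SHA-1 (or MD5) and weigh them against the dates above. The following is an added example, not Microsoft's code or part of the original article: a minimal pure-stdlib DER walker that reads the signatureAlgorithm field of an X.509 certificate and rates it against the article's deadlines (1 January 2016 for code signing, 1 January 2017 for SSL). The sample certificate bytes are constructed in the script and are not a real certificate; the OID table covers the common RSA, DSA and ECDSA signature algorithms.

```python
"""Flag X.509 certificates whose signature uses SHA-1 or MD5.

Added example (not from the article): a minimal DER walker that reads
the outer Certificate SEQUENCE, skips tbsCertificate and decodes the
signatureAlgorithm OID. Works offline on constructed sample bytes.
"""
from datetime import date

# Deadlines stated in the article: Microsoft stops recognising SHA-1
# code-signing certs after 1 Jan 2016 and SHA-1 SSL certs after 1 Jan 2017.
DEADLINES = {"code-signing": date(2016, 1, 1), "ssl": date(2017, 1, 1)}

# Signature-algorithm OIDs -> (name, digest). Standard PKIX OIDs.
SIGNATURE_OIDS = {
    "1.2.840.113549.1.1.4": ("md5WithRSAEncryption", "MD5"),
    "1.2.840.113549.1.1.5": ("sha1WithRSAEncryption", "SHA-1"),
    "1.2.840.113549.1.1.11": ("sha256WithRSAEncryption", "SHA-256"),
    "1.2.840.113549.1.1.12": ("sha384WithRSAEncryption", "SHA-384"),
    "1.2.840.113549.1.1.13": ("sha512WithRSAEncryption", "SHA-512"),
    "1.2.840.10040.4.3": ("dsaWithSHA1", "SHA-1"),
    "1.2.840.10045.4.1": ("ecdsa-with-SHA1", "SHA-1"),
    "1.2.840.10045.4.3.2": ("ecdsa-with-SHA256", "SHA-256"),
}


def _read_tlv(buf, pos):
    """Return (tag, value, next_pos) for the DER TLV starting at pos."""
    tag = buf[pos]
    length = buf[pos + 1]
    pos += 2
    if length & 0x80:  # long form: low 7 bits give the number of length bytes
        n = length & 0x7F
        length = int.from_bytes(buf[pos:pos + n], "big")
        pos += n
    return tag, buf[pos:pos + length], pos + length


def _decode_oid(raw):
    """Decode DER OID content bytes into dotted notation."""
    first = raw[0]
    arcs = [2, first - 80] if first >= 80 else [first // 40, first % 40]
    value = 0
    for b in raw[1:]:
        value = (value << 7) | (b & 0x7F)
        if not b & 0x80:  # high bit clear marks the last byte of an arc
            arcs.append(value)
            value = 0
    return ".".join(str(a) for a in arcs)


def signature_hash(cert_der):
    """Return (algorithm name, digest) from a DER certificate's signatureAlgorithm."""
    tag, cert, _ = _read_tlv(cert_der, 0)
    if tag != 0x30:
        raise ValueError("not a DER SEQUENCE")
    _, _, pos = _read_tlv(cert, 0)          # skip tbsCertificate
    _, alg_id, _ = _read_tlv(cert, pos)     # signatureAlgorithm (AlgorithmIdentifier)
    _, oid_raw, _ = _read_tlv(alg_id, 0)    # first element is the OID
    oid = _decode_oid(oid_raw)
    return SIGNATURE_OIDS.get(oid, (oid, "unknown"))


def assess(cert_der, purpose, today):
    """Rate a certificate for 'ssl' or 'code-signing' use as of `today`."""
    _, digest = signature_hash(cert_der)
    if digest == "MD5":
        return "reject"                      # already broken (Flame)
    if digest == "SHA-1":
        return "reject" if today >= DEADLINES[purpose] else "replace-before-deadline"
    if digest == "unknown":
        return "review"
    return "ok"


# --- constructed sample certificates (not real, just valid enough DER) ---
def _tlv(tag, body):
    n = len(body)
    if n < 0x80:
        return bytes([tag, n]) + body
    lb = n.to_bytes((n.bit_length() + 7) // 8, "big")
    return bytes([tag, 0x80 | len(lb)]) + lb + body


SHA1_RSA_OID = bytes.fromhex("2a864886f70d010105")    # 1.2.840.113549.1.1.5
SHA256_RSA_OID = bytes.fromhex("2a864886f70d01010b")  # 1.2.840.113549.1.1.11


def build_sample(oid_bytes):
    """Constructed stand-in: SEQUENCE { tbs, AlgorithmIdentifier, BIT STRING }."""
    tbs = _tlv(0x30, _tlv(0x02, b"\x01"))
    alg_id = _tlv(0x30, _tlv(0x06, oid_bytes) + _tlv(0x05, b""))
    sig = _tlv(0x03, b"\x00" * 9)
    return _tlv(0x30, tbs + alg_id + sig)


if __name__ == "__main__":
    for label, oid in (("sha1", SHA1_RSA_OID), ("sha256", SHA256_RSA_OID)):
        der = build_sample(oid)
        print(label, signature_hash(der), assess(der, "ssl", date(2014, 1, 1)),
              assess(der, "ssl", date(2017, 1, 1)))
```

Real certificates are obtained from PEM files by base64-decoding the body between the BEGIN/END lines; the walker only needs the DER bytes.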

The growing number of practical attacks against the RC4 stream cipher is, likewise, the reason Microsoft has officially recommended that customers retire and deprecate RC4 in their TLS implementations. Instead, they are advised to enable TLS 1.2 with AES-GCM.

They also pointed out that the latest version of IE no longer offers RC4-based cipher suites as the first option during the initial TLS/SSL handshake, falling back to them only when the browser cannot negotiate a non-RC4 cipher suite with the server.
