While most certificate authorities (CAs) haven’t been issuing certificates using the SHA-1 cryptographic hash function for more than two months, 1 in 5 websites worldwide still use such certificates, according to analysis by security firm Venafi.
Not only did CAs migrate to the more secure SHA-2 certificates on Jan. 1, 2017, but major browser makers also decided to adopt the change, including Google, Microsoft and Mozilla, and their browsers no longer trust sites that use SHA-1 certificates. Even Facebook announced plans to retire SHA-1.
Despite that, many webmasters are still behind with the transition, as 21% of all websites that use certificates still use the insecure cryptographic hash function, Venafi says, based on the analysis of over 33 million publicly visible IPv4 websites. Granted, things are looking much better compared to last fall, when 35% of websites were still using SHA-1, but recent research has proven that the crypto function is officially broken.
SHA-1 has been long said to be vulnerable to collision attacks, but it wasn’t until this year that the function was proven fundamentally broken. What’s surprising, however, is that webmasters didn’t transition to SHA-2 or SHA-3 sooner. It’s doubtful that they would knowingly leave their sites vulnerable.
“I suspect that many organizations may simply be unware that they still have any SHA-1 certificates on their networks because they are relying on certificate authority (CA) tools to manage their keys and certificates. The problem with this approach, especially now that free and very low cost certificates are widely available, is that anyone in your organization can get and install a certificate that uses weak hashing algorithms and install it on your network,” said Venafi’s Shelley Boose.
In addition to making both websites and their users vulnerable to attacks, the continuous use of SHA-1 can also disrupt the browsing experience, because web browsers display warnings when encountering insecure sites, prompting users to look for alternatives. The green padlock that browsers display to mark HTTPS transactions will no longer be associated with SHA-1 sites, and performance issues might also alter users’ experience, Venafi notes.
Related: Apache Subversion System Affected by SHA-1 Collision
