Mozilla Re-Enables Support for SHA-1 in Firefox

Starting on January 1, 2016, Firefox 43 began rejecting new SSL certificates that use the SHA-1 cryptographic hash function, but the latest version of the browser (43.0.4) no longer does that.

Following reports that the cost of collision attacks against SHA-1, one of the main threats against the digest algorithm, has dropped significantly, Mozilla even announced that it would completely reject such certificates starting July 2016, yet it appears that the company has had a change of heart. It has re-enabled support for SHA-1 in the latest Firefox release while it re-evaluates the impact on users.

The initial plan for deprecating SHA-1 was to warn users when they accessed a page that used a new certificate signed with the weaker algorithm. The idea behind this move was to encourage site owners to migrate to certificates using the more secure SHA-2 function, while also providing them with enough time to do so, as the intended rejection date for SHA-1 certs was initially set to January 1, 2017.

Since there are not that many new SHA-1 certificates in use, the change should have been smooth and largely unnoticed. However, Mozilla’s Richard Barnes notes in a recent blog post that users behind “man-in-the-middle” devices such as security scanners and anti-virus products lost access to HTTPS sites on January 1, 2016, when Firefox started rejecting new SHA-1 certs.

“When a user tries to connect to an HTTPS site, the man-in-the-middle device sends Firefox a new SHA-1 certificate instead of the server’s real certificate. Since Firefox rejects new SHA-1 certificates, it can’t connect to the server,” Barnes explains.

Affected users would not be able to load HTTPS pages in Firefox and, when accessing the “Advanced” option in the browser, they would see the error code “SEC_ERROR_CERT_SIGNATURE_ALGORITHM_DISABLED.” Those who experience this issue are advised to install the latest version of Firefox, which no longer blocks pages that rely on new SHA-1 certificates.

Given that Firefox updates are delivered over HTTPS, users behind such man-in-the-middle devices should manually download the new Firefox version using a different browser and install it. Another option is to head to about:config and change the value of “security.pki.sha1_enforcement_level” to 0 (which will accept all SHA-1 certificates).

Barnes also notes that users should ensure that their security application or anti-virus software is updated and that some vendors might have also removed the use of certificates signed with the SHA-1 algorithm in the recent versions of their products.
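To check whether the certificate an interception device presents falls into the rejected category, the sketch below (an added example, not Mozilla's code) reads the signature-algorithm OID and notBefore date from a DER certificate using only the Python standard library. It assumes "new" means a notBefore on or after January 1, 2016; the function names and the constructed `sample_cert` skeletons are illustrative.

```python
from datetime import datetime, timezone

SHA1_SIG_OIDS = {"1.2.840.113549.1.1.5", "1.2.840.10045.4.1", "1.2.840.10040.4.3"}  # RSA, ECDSA, DSA
CUTOFF = datetime(2016, 1, 1, tzinfo=timezone.utc)  # assumed meaning of "new"

def children(buf):
    """Split DER bytes into a list of (tag, content) elements."""
    pos, out = 0, []
    while pos < len(buf):
        tag, length, pos = buf[pos], buf[pos + 1], pos + 2
        if length & 0x80:  # long form: low 7 bits = number of length bytes
            n = length & 0x7F
            length, pos = int.from_bytes(buf[pos:pos + n], "big"), pos + n
        out.append((tag, buf[pos:pos + length]))
        pos += length
    return out

def oid_str(body):  # dotted OID; assumes the first two arcs fit in one byte
    arcs, val = [body[0] // 40, body[0] % 40], 0
    for b in body[1:]:
        val = (val << 7) | (b & 0x7F)
        if not b & 0x80:  # high bit clear ends this arc
            arcs.append(val)
            val = 0
    return ".".join(map(str, arcs))

def cert_facts(cert_der):
    """Return (signature algorithm OID, notBefore) of a DER certificate."""
    tbs, sig_alg = children(children(cert_der)[0][1])[:2]
    fields = children(tbs[1])
    if fields[0][0] == 0xA0:  # skip the optional explicit [0] version
        fields = fields[1:]
    nb_tag, nb = children(fields[3][1])[0]  # serial, signature, issuer, validity
    fmt = "%y%m%d%H%M%SZ" if nb_tag == 0x17 else "%Y%m%d%H%M%SZ"  # UTCTime or GeneralizedTime
    not_before = datetime.strptime(nb.decode(), fmt).replace(tzinfo=timezone.utc)
    return oid_str(children(sig_alg[1])[0][1]), not_before

def is_new_sha1(cert_der):
    oid, not_before = cert_facts(cert_der)
    return oid in SHA1_SIG_OIDS and not_before >= CUTOFF

def enc(tag, *parts):  # constructed-data helper: short-form DER element (< 128 bytes)
    return bytes([tag, sum(map(len, parts))]) + b"".join(parts)

def sample_cert(alg_oid_hex, not_before):
    # Constructed certificate skeleton (no key, dummy signature), not a real certificate.
    alg = enc(0x30, enc(0x06, bytes.fromhex(alg_oid_hex)), enc(0x05))
    validity = enc(0x30, enc(0x17, not_before), enc(0x17, b"170101000000Z"))
    tbs = enc(0x30, enc(0xA0, enc(0x02, b"\x02")), enc(0x02, b"\x01"), alg, enc(0x30), validity, enc(0x30))
    return enc(0x30, tbs, alg, enc(0x03, b"\x00"))
```

A PEM certificate can be converted to the DER input these functions expect with `ssl.PEM_cert_to_DER_cert`.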

The situation where users lose access to HTTPS sites is what Facebook and CloudFlare warned about in early December, when they prompted the industry to delay the sunset of SHA-1. At the time, the two companies warned that millions of users would lose access to websites still relying on this algorithm, and that SHA-2 support was still limited.

Users with older, legacy devices were said to be affected the most, especially those in emerging markets or in geographies representing the poorest, most repressive, and most war-torn countries in the world. Just before Christmas, Twitter said it was backing the proposal for delaying SHA-1’s sunset, also saying that many of its users would lose access to its service and other HTTPS websites.

Although the latest version of Firefox re-enables support for SHA-1 certificates, Mozilla says it is still committed to completely removing SHA-1 support from Firefox. In the meantime, it will focus on learning more about the number of users affected by the move, while also urging vendors of TLS man-in-the-middle systems to update their products to use newer digest algorithms.

In late December, Google announced intentions to remove support for SHA-1 from Chrome earlier than initially planned, on July 1, 2016, when the browser would accept only certs signed with the SHA-2 or SHA-3 algorithms. As of January 1, 2016, Chrome version 48 displays a certificate error if it encounters a site with a leaf certificate that is signed with a SHA-1-based signature and which has been issued on or after that date.