First, let’s understand what SHA-1 does. SHA-1 and its successor, SHA-2, are cryptographic hash functions that sit inside the signing algorithms CAs use on SSL certificates, and those signatures are part of the identity validation that SSL certificates perform. A hash is a mathematical function that, when run over a file, should always produce the same value for that file and a different value for every other file. The browser computes the hash of the certificate and compares it with the hash value provided by the server, which the Certificate Authority (CA) verified and signed at the time of issuance. If they match, the identity of the certificate and the server is verified.
Accurate identification is essential to the CA trust model, and SHA-1 can no longer provide it, because SHA-1 is vulnerable to “collisions”: two different files that produce the same hash value. A collision would let someone “forge” a certificate and have a client’s browser falsely verify a server’s identity. The weakness has never been more apparent than in the recent collision attack exercise carried out by Nathan McHugh.
We don’t want to be visiting a forged site and handing our financial information to thieves, business identity scammers, and phishers. This compromises users’ trust in the internet and in browsers, and is precisely why Google wants to get rid of SHA-1 quickly.
Google is among many parties who believe that “forging” a certificate signed with a SHA-1 hash is becoming easy. They also feel that in previous instances when CAs needed to transition to a new technology (the switch from MD5 to SHA-1, and from 1024- to 2048-bit certificates) they did so slowly and poorly. For this reason, they are forcing the sunsetting of SHA-1 (and therefore the upgrade to SHA-2) early.
Eric Mill, a software engineer, has written an excellent post describing the entire situation in common-sense terms. His post is very approachable for those who aren’t very technical, and we highly recommend it as additional reading.
Users on unsupported systems such as Windows XP and Windows Server 2003 will need a patch in order to visit sites that use SHA-2. Luckily, Microsoft has already made these patches available. If you are using Windows Server 2003, the admin tools can be found by clicking here. The Windows XP patch is located here. If you would prefer a hotfix, Microsoft has also made one available at this location.