NIST retires an early cryptographic algorithm (2024)
On Thursday, the National Institute of Standards and Technology retired one of the first widely used cryptographic algorithms, citing vulnerabilities that make its further use inadvisable.
NIST recommended IT professionals replace Secure Hash Algorithm 1 (SHA-1) with more secure algorithms from the SHA-2 and SHA-3 groups to protect electronic information by Dec. 31, 2030.
SHA-1 became part of the Federal Information Processing Standard (FIPS 180-1) in 1995, and its limited use by security applications like website validators continues despite increasingly severe attacks on it by more powerful computers. NIST’s recommendation comes on the heels of the White House’s aggressive deadlines for agencies to develop post-quantum cryptography strategies, driven by concerns that quantum computers capable of cracking the traditional public-key encryption most systems rely on may arrive anywhere from three years to a decade from now. The SHA-1 retirement itself, however, rests on classical collision attacks that already work on conventional hardware, not on quantum computing.
“Modules that still use SHA-1 after 2030 will not be permitted for purchase by the federal government,” said Chris Celi, NIST computer scientist, in the announcement. “Companies have eight years to submit updated modules that no longer use SHA-1.”
NIST’s Cryptographic Module Validation Program (CMVP) assesses every five years whether modules, the building blocks of the encryption systems used by federal agencies, work effectively.
The agency plans to publish a transition strategy for validating cryptographic modules and algorithms before Dec. 31, 2030.
“Because there is often a backlog of submissions before a deadline, we recommend that developers submit their updated modules well in advance so that CMVP has time to respond,” Celi said.
NIST also intends to publish a FIPS revision, FIPS 180-5, and revise other publications affected by SHA-1’s retirement by its deadline.
SHA-1 secures information by performing a complex math operation on the bytes of a message to produce a short, fixed-length string (160 bits for SHA-1) called a hash. While the original message can’t be reconstructed from the hash alone, knowing the hash lets the recipient check whether the message was altered, because even a one-bit change to the message alters the hash unpredictably and significantly.
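The following is an added example, not code from NIST or the article, illustrating the two properties just described: a digest is a short fixed-length value (160 bits for SHA-1, 256 for SHA-256), a one-character change to the message flips roughly half of the digest bits, and a recipient who already holds the correct digest can detect an altered message. The sample messages `ORIGINAL` and `ALTERED` are constructed for this demonstration; the helper names are my own, and the hashing comes from Python's standard `hashlib`.

```python
import hashlib
import hmac


def digest_hex(data: bytes, algorithm: str = "sha256") -> str:
    """Hex digest of `data` under a hashlib algorithm name ("sha1", "sha256", "sha3_256", ...)."""
    return hashlib.new(algorithm, data).hexdigest()


def differing_bits(hex_a: str, hex_b: str) -> int:
    """Number of bit positions at which two equal-length hex digests differ."""
    if len(hex_a) != len(hex_b):
        raise ValueError("digests must be the same length")
    return bin(int(hex_a, 16) ^ int(hex_b, 16)).count("1")


def verify_integrity(message: bytes, expected_hex: str, algorithm: str = "sha256") -> bool:
    """Recipient-side check: recompute the digest and compare it in constant time
    against the digest obtained through a trusted channel."""
    return hmac.compare_digest(digest_hex(message, algorithm), expected_hex)


def avalanche(original: bytes, altered: bytes, algorithm: str) -> int:
    """How many digest bits change when `original` is replaced by `altered`."""
    return differing_bits(digest_hex(original, algorithm), digest_hex(altered, algorithm))


# Constructed sample messages (not from the article) that differ in a single character.
ORIGINAL = b"Pay 100.00 USD to account 4471"
ALTERED = b"Pay 900.00 USD to account 4471"

if __name__ == "__main__":
    for alg in ("sha1", "sha256"):
        h = digest_hex(ORIGINAL, alg)
        bits = len(h) * 4
        print(f"{alg:7} {h}  ({bits} bits)")
        print(f"        one-character change flips {avalanche(ORIGINAL, ALTERED, alg)} of {bits} digest bits")
    tag = digest_hex(ORIGINAL)  # the digest the recipient is assumed to hold already
    print("original verifies:", verify_integrity(ORIGINAL, tag))
    print("altered verifies: ", verify_integrity(ALTERED, tag))
```

Note the caveat the article touches on later: a bare hash only detects accidental or unauthorised modification if the attacker cannot also replace the hash. When the digest travels with the message it has to be signed, and the signature is exactly where SHA-1's broken collision resistance bites.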
Recent collision attacks use today’s more powerful computers to produce two different messages that share the same hash, so a fraudulent message can be substituted for a legitimate one without the hash changing. NIST already warned agencies against using SHA-1 to protect critical processes like the creation of digital signatures.
Because today’s increasingly powerful computers are able to attack the algorithm, NIST is announcing that SHA-1 should be phased out by Dec. 31, 2030, in favor of the more secure SHA-2 and SHA-3 families.
SHA-2
SHA-2 (Secure Hash Algorithm 2) is a set of cryptographic hash functions designed by the United States National Security Agency (NSA) and first published in 2001.
A cryptographic hash algorithm (alternatively, hash "function") is designed to provide a random mapping from a string of binary data to a fixed-size “message digest” and achieve certain security properties.
NIST has set Dec. 31, 2030 as the date by which SHA-1 support should be removed from software and hardware devices. The once-widely used algorithm is now vulnerable to practical collision attacks, making it unsafe in security contexts that depend on collision resistance, such as digital signatures and certificates.
In 2011, NIST released SP 800-131A, which announced the deprecation of SHA-1 when generating new digital signatures and restricted further use of SHA-1 to only where allowed in NIST protocol-specific guidance.
Despite industry-wide conversations around the use of safe cryptography, many organizations continue to use weak crypto standards such as TLS 1.1 and SHA-1. Let's take a quick look at the risks of using these deprecated standards.
NIST formally deprecated use of SHA-1 in 2011 and disallowed its use for digital signatures in 2013, and declared that it should be phased out by 2030.
"SHA-2" is the name for a family of six hash functions (SHA-224, SHA-256, SHA-384, SHA-512, SHA-512/224 and SHA-512/256) that includes SHA-256 and SHA-512. These functions are still considered secure and are current, non-obsolete standards.
In 1997, NIST initiated the Advanced Encryption Standard (AES) development effort [1] and called for the public to submit candidate algorithms for block ciphers. Block ciphers are the foundation for many cryptographic services, especially those that provide assurance of the confidentiality of data.
NIST announced its selection of four algorithms — CRYSTALS-Kyber, CRYSTALS-Dilithium, Sphincs+ and FALCON — slated for standardization in 2022 and released draft versions of three of these standards in 2023. The fourth draft standard based on FALCON is planned for late 2024.
AES-256 encryption is considered extremely secure. It is among the strongest encryption algorithms in wide use today and is employed extensively in government and military applications, as well as by businesses operating in highly regulated industries.
In 2017, Google publicly broke one of the major algorithms in web encryption, called SHA-1. The company's researchers showed that with enough computing power — roughly 110 years of computing from a single GPU for just one of the phases — you can produce a collision, breaking the algorithm's collision resistance.
Security. SHA-1 has known vulnerabilities. With advancements in technology, finding SHA-1 collisions is no longer prohibitively expensive. SHA-256, by contrast, is considered secure against both collision and brute-force attacks and provides a much higher security level: a generic collision search costs about 2^128 hash operations for SHA-256 versus 2^80 for SHA-1, and the best known SHA-1 attack is cheaper still.
The primary weakness of SHA-1 is its lack of collision resistance: it is now practical to find two different messages that produce the same hash value.
The main threat to SHA-1 is the fact that today's powerful computers can create two messages that lead to the same hash, potentially compromising an authentic message – the technique is referred to as a 'collision' attack.
AES 256-bit encryption is the strongest AES key size commercially available today. While AES 256-bit encryption is theoretically harder to brute-force than AES 128-bit encryption, AES 128-bit encryption has never been practically broken either.
DES (Data Encryption Standard) is a symmetric block cipher. It uses only a 56-bit key, which is far too short for modern computing power, and it is now considered weak encryption.
In 2005, researchers (Wang, Yin and Yu) published a collision attack on SHA-1 showing that two distinct input messages with the same hash value could be found far faster than brute force; the first actual SHA-1 collision was demonstrated in 2017. NIST deprecated SHA-1 in 2011 (SP 800-131A).
SHA-1 offers weak security because collisions, two different inputs with the same digest, can now be found in practice, and its 160-bit digest limits the number of possible hash values. SHA-2 cannot make every digest unique either (any fixed-length hash has more inputs than outputs), but its longer digests make collisions infeasible to find (2^256 possible combinations for a 256- ...
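The passages above keep returning to two numbers: how many hash values a digest can take, and how much work it takes to find two inputs sharing one. The following is an added example, not code from the article or from NIST, that makes the relationship runnable by truncating SHA-1 to a toy digest length. A birthday search finds a collision in about 2^(n/2) hash evaluations, while forging a second message for a *given* digest costs about 2^n; the function names and the `doc-`/`forged-` message prefixes are my own constructions.

```python
"""Birthday-bound collision search on a truncated SHA-1 (added illustration)."""
import hashlib
import math
from itertools import count


def truncated_sha1(data: bytes, bits: int) -> int:
    """Leading `bits` bits of SHA-1(data) as an integer; bits=160 is the full digest."""
    full = int.from_bytes(hashlib.sha1(data).digest(), "big")
    return full >> (160 - bits)


def find_collision(bits: int, prefix: bytes = b"doc-") -> tuple[bytes, bytes, int]:
    """Birthday attack: hash distinct candidate messages and stop at the first
    repeated truncated digest. Returns (message1, message2, hashes_computed)."""
    seen: dict[int, bytes] = {}
    for i in count():
        m = prefix + str(i).encode()
        h = truncated_sha1(m, bits)
        if h in seen:
            return seen[h], m, i + 1
        seen[h] = m
    raise RuntimeError("unreachable: count() never terminates")


def find_second_preimage(target: bytes, bits: int, prefix: bytes = b"forged-") -> tuple[bytes, int]:
    """Brute-force a different message whose truncated digest equals that of `target`.
    Expected cost ~2^bits, versus ~2^(bits/2) for a free collision."""
    want = truncated_sha1(target, bits)
    for i in count():
        m = prefix + str(i).encode()
        if truncated_sha1(m, bits) == want:
            return m, i + 1
    raise RuntimeError("unreachable: count() never terminates")


def expected_birthday_trials(bits: int) -> float:
    """Mean number of random samples before the first repeat among 2^bits values."""
    return math.sqrt(math.pi / 2 * 2 ** bits)


if __name__ == "__main__":
    m1, m2, n = find_collision(32)
    print(f"32-bit collision after {n} hashes (expected ~{expected_birthday_trials(32):.0f})")
    print(f"  {m1!r} and {m2!r} both start with {truncated_sha1(m1, 32):08x}")
    m, n = find_second_preimage(b"doc-0", 16)
    print(f"16-bit second preimage {m!r} after {n} hashes (expected ~{2 ** 16})")
    # Scale this to the real 160-bit SHA-1: generic collisions ~2^80, SHAttered
    # needed ~2^63, while a second preimage is still ~2^160 and out of reach.
```

The practical reading of the numbers: SHA-1's problem is collisions, not preimages. An attacker cannot take an existing signed document and forge a different one with the same SHA-1, but they can prepare two documents in advance that share a digest, get one signed, and present the other. That is exactly why the 2011 guidance singled out digital-signature generation.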