SHA-1 Attacks On Upswing – Expert Comments

According to new research, attacks on the SHA-1 hashing algorithm just got a lot more dangerous with the discovery of a cheaper, more practical version of SHA-1 collision attacks. Hashing algorithms are used to compute the keys used in public key encryption which is essential to the security of nearly every web transaction.

Although the industry has been trying to move away from SHA-1 for years, Venafi has found more than 6 million SHA-1 certificates still in use on public facing websites.


EXPERTS COMMENTS
Hari Nair, Director of Product Management ,  Venafi
January 10, 2020
Quantum computing promises even more disruption in the future.
SHA-1 usage is one more indication that most organization aren’t putting enough emphasis on protecting the keys and certificates that serve as machine identities: SHA-1 was first tagged as weak and vulnerable back in 2005. As of January 2015, public certificate authorities were forbidden from issuing SHA-1 certs that expired after December 2016. Since 2017, the most popular web browsers have ....
[Read More >>]

If you are an expert on this topic:

Submit Your Expert Comments


In this article