Microsoft leads the way, setting new cryptographic defaults

Filed Under: Apple, Apple Safari, Cryptography, Featured, Firefox, Google, Google Chrome, Internet Explorer, Microsoft, Windows

While yesterday was Patch Tuesday, Microsoft didn't just release fixes for security vulnerabilities. It also announced moves to improve the cryptographic integrity of Windows as a platform.

First, Microsoft officially began discontinuing the use of the RC4 cipher. With the introduction of Windows 8.1 and Internet Explorer 11, Microsoft products now default to TLS 1.2, and support for the RC4 cipher has been dropped.

The use of RC4 has been a bit controversial, as it has many known weaknesses, and calls for its retirement have been discussed for some time.

The problem is that stream ciphers like RC4 were one of the primary defenses used by many websites against the infamous BEAST and Lucky Thirteen attacks, both of which target CBC-mode cipher suites.

Fortunately, TLS 1.2 and AES-GCM are not vulnerable to these attacks, and can now officially be considered mainstream.

Not running Windows 8.1 with Internet Explorer 11? Google Chrome, Firefox, Safari and Opera also support TLS 1.2.

Microsoft also provides a mechanism to disable the use of RC4 in Windows 7, 8, RT, Server 2008 R2 and Server 2012.

With Microsoft on board, hopefully we can bid goodbye to old versions of SSL and TLS for good.

Microsoft's second announcement was that, beginning on January 1, 2016, Windows will no longer support the use of X.509 certificates issued using the SHA-1 hashing algorithm for SSL and software code signing.

This is a welcome proactive move by Microsoft after having been burned when MD5 certificates were abused through a collision in the Flame malware last year.

MD5 was considered weak for many years, but it was still supported by Windows because many certificate authorities were lax in updating and kept issuing valid MD5 certificates long after they should have stopped.

Microsoft seems to realize its job is to use its dominant market presence to lead, not follow. While SHA-1 is significantly stronger than MD5 was when it was dropped, Microsoft is dropping support before it is abused.

Be sure your certificates are using SHA-2 from here forward and when you renew your certificates make sure your Certificate Authority isn't setting you up to fail in January 2016.
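The two checks above (is RC4 disabled, and which of my certificates will fall foul of the SHA-1 cutoff) can be scripted. The PowerShell below is an added audit script, not code from the article or from Microsoft; it assumes the Schannel `Ciphers` registry keys described in Microsoft's RC4 advisory and reads the machine's personal and intermediate CA certificate stores through the `Cert:` drive.

```powershell
# Added audit script (not from the article). Assumes the Schannel cipher key
# layout from Microsoft's RC4 advisory; works on Windows PowerShell 2.0+.
$deadline = [datetime]'2016-01-01'
$schannel = 'HKLM:\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Ciphers'

# 1. RC4: each key needs a DWORD 'Enabled' set to 0. A missing key means the
#    OS default applies, which on Windows 7 / 2008 R2 still allows RC4.
foreach ($name in 'RC4 128/128', 'RC4 56/128', 'RC4 40/128') {
    $path  = Join-Path $schannel $name
    $state = 'not configured (OS default applies)'
    if (Test-Path $path) {
        $val = (Get-ItemProperty -Path $path -ErrorAction SilentlyContinue).Enabled
        if ($val -eq 0)          { $state = 'disabled' }
        elseif ($null -eq $val)  { $state = 'key present, Enabled value missing' }
        else                     { $state = 'ENABLED (Enabled=0x{0:X8})' -f $val }
    }
    '{0,-12} {1}' -f $name, $state
}

# 2. Certificates: list anything in the machine's personal (My) or
#    intermediate (CA) store signed with MD2/MD5/SHA-1 that is still valid
#    on the deadline, i.e. what stops being trusted on 1 January 2016.
Get-ChildItem -Path Cert:\LocalMachine\My, Cert:\LocalMachine\CA |
    Where-Object {
        $_.SignatureAlgorithm.FriendlyName -match '^(md2|md5|sha1)' -and
        $_.NotAfter -gt $deadline
    } |
    Select-Object @{n='Store';  e={ $_.PSParentPath -replace '.*::' }},
                  @{n='SigAlg'; e={ $_.SignatureAlgorithm.FriendlyName }},
                  Subject, NotAfter, Thumbprint |
    Format-Table -AutoSize
```

Expect `sha256RSA` (or another SHA-2 variant) in the `SigAlg` column for anything you renew from now on; a `sha1RSA` certificate that expires after the deadline is the one to reissue early.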

4 Responses to Microsoft leads the way, setting new cryptographic defaults

  1. Fred Sagen · 350 days ago

    Update KB2868725 was the only important update to fail in the current batch on my machine.
    Does this indicate that my machine has already been compromised?

    • No, I imagine it just means the update failed. Not sure why. Wait a week and try again.

      • Fred Sagen · 350 days ago

        Having checked the relevant registry keys as advised by Microsoft's security advisory for disabling RC4, I find they are empty, as noted in the advisory for restricting the use of Schannel.dll.

        So I guess I'm already safe, huh?

  2. JohnH · 350 days ago

    I work with certificates a bit. I've never seen one signed using SHA2. Figuring Microsoft would lead by example, I checked out the CERT for hotmail.com. Even though it was just issued this year in May, and it's good until well into year 2015, it says:

    Signature Algorithm: sha1WithRSAEncryption

    And does this restriction also mean that root CA certificates, many of which expire far, far into the future, will also fail to pass muster because they probably all still use an SHA1 signature?

    This is probably a good, proactive move on Microsoft's part, but I have a feeling many sites will be caught off-guard by this. One small example: it is possible to buy three-year certificates at many CAs, which puts you solidly into the year 2016. See?

About the author

Chester Wisniewski is a Senior Security Advisor at Sophos Canada. He provides advice and insight into the latest threats for security and IT professionals with the goal of providing clear guidance on complex topics. You can follow Chester on Twitter as @chetwisniewski, on App.net as Chester, Chester Wisniewski on Google Plus or send him an email at chesterw@sophos.com.