by C. Henry Adams
In Life on the Internet, like anything else, this (SHA-1) too, shall pass away. In telecommunications, the Internet, advance technology; what is new today, could be possibly gone tomorrow. This is a truth that I dare not deny.
Thus, the discussion here is cyber security related. If the writing is on the wall or should I state in the blogs (LOL), perhaps, we should all listen.
Let's see, it has been written on September 14th 2014 in Mozilla or farther back in 2005 by Schneier that SHA-1 was a cyber security risk. Later in the years following, it would begin to be considered phased out as stated in a Mozilla Blog article.
But, if you aren't a fan of the Firefox Internet Browser, maybe that news did not pertain to you.
Well, how about in November 4th 2015; that ought to have gotten your attention when Microsoft said it would what? Depreciate or block SHA-1 signed TLS certificates from Windows.
Huh! What!? You don't utilize Firefox Internet Browser or Windows Operating Systems?
Well, what say you about Chrome and Google? Especially when Google states, "Chrome does not treat SHA-1 certificates as secure anymore," on December 18th 2015?
Are you wondering now what the heck is a SHA-1 (or) SHA-2 and how in the Internet World will it involve you? Ok cool. Let's learn a little history about encryption. Why? Well, in order to know where you are going in life on the Internet, maybe, it would be good to know where you come from...
SHA-1 was created by the NSA (US National Security Agency) in 1995. Sorry, we don't have any links to share, but please feel free to research SHA-1. Basically, it is a cryptographic hash function; in layman terms, I would state, " a mathematical way to scramble communications". SHA stands for Secure Hash Algorithm.
Well, there is an old saying that does not exactly go like this, " If one person can build an object of desire and usefulness, a Knucklehead can figure out a way to come and completely tear it down. So, before he or she do, anticipate this action and build many more. "
Thus SHA-2 and SHA-3. So, I'm guessing you would like to know the purpose of a SHA.
Well, a SHA has (4) properties:
The ideal cryptographic hash function premises:
- compute a value for any given message
- generate a message
- make a small change to a message
- create more different messages to communicate
I can hear someone saying, " What change over!? " To best answer that question, a SHA-2 signed TLS (Transport Layer Security) certificate would be ideal now to utilize within web development when communicating money transactions, personal information (healthcare information related) , as well as, many other aspects on Today's Internet.
Well, those of my thoughts, what say you? Thanks for reading our blogs.
Sphere: Related Content