This is your last chance to prepare for an August update from Microsoft that will reject cryptographic keys less than 1024 bits.
An important update from Microsoft is coming in August and for those who missed the announcement earlier this year, it could actually break a number of things for some businesses who haven't already prepared for the change. The update will block anything using a cryptographic key that is less than 1024 bits. Here are some of the repercussions of the update for those who haven't prepared in advance:
- Error messages when browsing to web sites that have SSL certificates with keys that are less than 1024 bits
- Problems enrolling for certificates when a certificate request attempts to utilize a key that is less than 1024 bits
- Creating or consuming email (S/MIME) messages that utilize less than 1024 bit keys for signatures or encryption
- Installing Active X controls that were signed with less than 1024 bit signatures
- Installing applications that were signed with less than 1024 bit signatures (unless they were signed prior to January 1, 2010, which will not be blocked by default).
For a little background, with encryption, security is often measured in how long it would take to break that encryption, or more practically, in key lengths. The genius behind modern encryption is in the fact that some math functions are very fast in one direction, but extremely slow in the reverse. So by using a key to produce a cipher block from the data you wish to encrypt, you can get the result in a very fast time frame. But in order to figure out the key, or to break that encryption, it would take you a long time. Note that it's still possible, -- all encryption can be broken -- but we still say it's secure because of how long it would take to break it. However, this depends on two factors: how much processing power you have, and how long the key is. For example, if you were to implement an encryption system that used a 20-bit key, it would be horribly insecure, because breaking that encryption would take seconds for a modern computer. However, if the key length is 1024 bits, then those seconds would instead become several billion years.
Back a few years ago, most certificates were issued using 512-bit key lengths. With the computers we had then, brute forcing a private key was considered to be unfeasible, because it would take a ridiculously long amount of time. But now, most security experts consider that length to be too short, because of how fast processor power evolved, and with things like GPU arrays being used to crack passwords and so on. As the attack vectors evolve, so must security, and as such any modern certificate is now issued with a minimum of 1024 bits. But many businesses and corporations make their own certificates for a variety of purposes, from signing emails, to encrypting corporate websites, or even for their own internal login systems. Up until now, Microsoft products, such as Windows Server 2003 or 2008, allowed you to create certificates with a short key length, but after this update, this will no longer be possible.
Discovering usage of keys less than 1024 bits
So who will be affected? If your systems are kept up to date, and you've been following safe security practices, chances are this won't change a thing for you. But many businesses have a large array of systems and server software, some dating from several years ago, and you may well have older certificates that no longer meet the new requirements. After the update, you may start seeing errors such as not being able to browse to a site that uses a certificate with a key of less than 1024 bits, problems enrolling older certificates to new client machines, failing to sign email, and so on. Again, most businesses won't have any of these issues, but some networks that rely on older systems will be impacted. To find out if this is your case, the Microsoft TechNet post linked above has a series of commands you can issue using the Certutil tool which you already use to manage certificates.
To monitor an external website, a useful tool is the Qualys SSL Labs site, which not only tells you the key length used by the site, but other information on the certificate used to encrypt your connection. A bad case that could happen here is that your corporate website will start showing error messages to users, and that's something you obviously want to avoid. A worse case however is if you rely on old hardware tokens. For example, some older DKIM and KVM switches use 512-bit keys, and the same is true for some cheap routers. While these things may or may not produce errors after this Microsoft update, it's still worth looking into and replacing them with more secure alternatives.
So how much of a threat is there? In most cases, it's not a huge deal. 512-bit keys have been broken, and while it's not a trivial thing to do, as processing power keeps increasing, it will become more trivial. So you may ask, how much more secure is a 1024-bit key? Remember that it's an exponential function, so doubling the key length much more than doubles the security. Of course, the holy grail in hacking would be to find a function that could factorize these keys as quickly as it takes to make them, and such a function may exist, which would render all modern encryption completely useless, but most security experts agree that this is an unlikely event. So for now, as long as all your corporate systems are already onboard with 1024-bit keys, you can sleep knowing that not only will this August update not break anything, but your data is truly secure.