Google is changing the length of its encryption keys from 1,024-bit to 2,048-bit, including the root certificates...
By submitting your email address, you agree to receive emails regarding relevant topic offers from TechTarget and its partners. You can withdraw your consent at any time. Contact TechTarget at 275 Grove Street, Newton, MA.
that sign all SSL certificates. What are the practical effects of such a switch from a security perspective, including how enterprises can plan for the switch?
The Certificate Authority/Browser Forum requires all certificate authorities (CAs) to start issuing certificates with a minimum 2,048-bit length by Jan. 1, 2014, and leading browser vendors will require websites to use 2,048-bit keys by the end of 2013.
Many websites have already upgraded their certificates, but because Google services are so ubiquitous, the search giant is flagging its changes to ensure a smooth migration. While most users will not notice anything different (client software like browsers will automatically update to accept the new certificates), some software and hardware -- such as games consoles, phones and cameras -- that rely on hard-coded lists of root certificates will not update automatically.
Ask the expert
SearchSecurity expert Michael Cobb is standing by to answer your questions about enterprise application security and platform security. Submit your question via email. (All questions are anonymous.)
Enterprises using software built in-house that makes SSL connections to Google, must check to see if it relies on hard-coded SSL trust lists and should plan to update the lists, or better still, build SSL certificate flexibility into the software. Google has produced a frequently asked question (FAQ) page covering issues with the changes they are making along with examples of workarounds.
The future of 2,048-bit encryption
Although it's estimated that a 1,024-bit RSA key won't be broken within the next five years (768 bits is the largest RSA key known to have been cracked), it's only considered equivalent to 80 bits of security. Starting at the end of 2013, the U.S. National Institute of Standards and Technology (NIST) will not allow security strengths below 112 to be used within the federal government; those of 112 bits and above will be valid until the end of 2030.
While doubling key strength delivers an exponential increase in protection -- encryption strength is directly tied to key size -- the computational power required to process 2,048-bit certificates is five to 30 times greater than that for 1,024-bit certificates. Enterprises that operate high-volume sites and services need to ensure their infrastructure can handle larger key sizes. To avoid significant performance degradation, one potential option is to offload SSL processing to high-performance application delivery controllers (ADCs). These dedicated network devices include hardware-based SSL acceleration capable of handling far more SSL transactions per second than a general-purpose server.
Google began switching to the new 2,048-bit certificates on Aug. 1, and all certificates will be upgraded by the end of 2013. This includes the root certificate used to sign its SSL certificates, as it only has a 1,024-bit key.
Barring an unforeseen breakthrough in quantum computing, it should be some years before another upgrade is required.
What can elliptic curve cryptography do for the enterprise?
Are there specific encryption requirements under HIPAA?
Array Networks targets SaaS providers with its 2,048-bit SSL-compatible appliances
Learn specifications for backup software-based encryption
Get information on 2.048-bit SSL keys
Which public key algorithm is used for encrypting emails?
Dig Deeper on Web Authentication and Access Control
Michael Cobb, Application Security asks:
How will the change in encryption key length impact your enterprise from a security perspective?
0 ResponsesJoin the Discussion
Related Q&A from Michael Cobb
Is cookie encryption enough to protect sensitive information? Expert Michael Cobb explains how salted hashes can prevent attacks, and the secure way ...continue reading
A vulnerability was found in the Blackphone's Icera modem. Expert Michael Cobb explains how attackers could hijack the device, and if this would ...continue reading
Oracle is killing off the Java browser plug-in due to security risks. Expert Michael Cobb explains the next steps for enterprises with Java-based ...continue reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.