Google reminded the world that starting with Chrome 56, scheduled for release near the end of January 2017, websites...
signed with SHA-1 certificates will no longer be trusted, and visiting them will return an interstitial message from the browser indicating the site is not trustworthy.
Joining with other major browser makers, Google has gradually reduced support for SHA-1 over the past year, starting by removing support for newly issued SHA-1 certificates at the beginning of 2016. Despite raising the possibility that support for SHA-1 would be removed entirely on an accelerated basis this year, browser companies have not taken that step.
"The SHA-1 cryptographic hash algorithm first showed signs of weakness over eleven years ago, and recent research points to the imminent possibility of attacks that could directly impact the integrity of the web [public key infrastructure (PKI)]," Andrew Whalley, of the Google Chrome security team, wrote in a blog post. "To protect users from such attacks, Chrome will stop trusting certificates that use the SHA-1 algorithm, and visiting a site using such a certificate will result in an interstitial warning."
In a nod to organizations that use SHA-1 certificates within private PKIs, Google added a settable option, EnableSha1ForLocalAnchors, to allow organizations to continue using SHA-1 for certificates that chain to a local trust anchor. Those organizations wishing to use this option to extend the lifetime of those private SHA-1 certificates must begin using it with Chrome 57, which is scheduled for a March 2017 release to the stable channel. "Since this policy is intended only to allow additional time to complete the migration away from SHA-1, it will eventually be removed in the first Chrome release after January 1st 2019," Whalley wrote.
However, Whalley warned support for SHA-1 may be removed entirely before 2019 "if there is a serious cryptographic break of SHA-1. Enterprises are encouraged to make every effort to stop using SHA-1 certificates as soon as possible and to consult with their security team before enabling the policy."
The SHA-1 deprecation effort began to accelerate in 2015 after security researchers reported malicious actors with relatively little computing resources could successfully brute-force the secure hashing algorithm and create fake websites that appeared legitimate.
Later that year, leading browser developers began signaling their intention to accelerate the drop-dead date for removing support for SHA-1 certificates from browser and other parts of the internet infrastructure.
Mozilla announced in October 2015 it might begin dropping support for SHA-1 certificates in the Firefox browser as early as July 2016. In December 2015, Google announced it, too, might speed up its timetable for SHA-1 deprecation in the Chrome browser to match Mozilla's move, though neither company followed through on that possibility. Microsoft, too, has made progress on SHA-1 deprecation.
SHA-1 has been considered a prime candidate for deprecation for at least 12 years; security expert Bruce Schneier reported in 2004 that researchers announced weaknesses in the SHA-1 and MD5 hashing algorithms. Less than a year later, after noting the first attack on SHA-1 that had been shown to be faster than a brute-force attack, Schneier reiterated his call: "It's time for us all to migrate away from SHA-1."
Find out more about how SHA-3 is shaping up as a next-generation security tool
Learn more about the importance of the upcoming transition to SHA-2
Read about using a secure hashing algorithm to improve security