ID: IRCNE2013112021
Date: 2013-11-22
IDG News Service - Google replaced the SSL certificates for its online services with new ones that use stronger, 2048-bit RSA keys, making encrypted connections to its sites safer against so-called brute-force attacks.
The company announced in May that it would increase the key length for its SSL certificates from 1024 bits to 2048 bits by the end of 2013.
"Coming in ahead of schedule, we have completed this process, which will allow the industry to start removing trust from weaker, 1024-bit keys next year," Google security engineer Dan Dulay said Monday in a blog post.
Until not long ago 1024-bit RSA keys were considered sufficiently strong because cracking them using brute force by systematically trying all possible combinations was viewed as impractical due to the computing power and time required. However, following the recent revelations about the mass data collection programs of the National Security Agency and its investments in groundbreaking cryptanalysis, that's no longer the case.
Increasing the key length for SSL certificates is not a new development, as many certificate authorities have stopped issuing new certificates with 1024-bit keys for a while.
According to a November scan done by the SSL Pulse project, 96 percent of the Internet's top 162,480 HTTPS-enabled sites already use SSL certificates with 2048-bit keys.
- 2