ID: IRCNE2013051860
Date: 2013-05-25
According to "techworld", Google plans to upgrade the security of its SSL (Secure Sockets Layer) certificates, an important component of secure communications. SSL certificates are used to encrypt communication and verify the integrity of another party with which a user is interacting.
Keys that are less than 1,024 bits are considered weak, and 512- and 768-bit keys have been factored to reveal a private key. Google has been using 1,024-bit keys, but will move to 2,048-bit keys, wrote Stephen McHenry, Google's director of information security engineering, in a blog post Thursday.
"We will begin switching to the new 2048-bit certificates on August 1st, to ensure adequate time for a careful rollout before the end of the year," he wrote. "We're also going to change the root certificate that signs all of our SSL certificates because it has a 1024-bit key."
McHenry warned that most client software won't have trouble with the change, but client software embedded in some phones, printers, set-top boxes, gaming consoles and cameras could have problems.
Hundreds of organizations around the world can issue SSL certificates that are tied back to a so-called Certificate Authority. These organizations, known as intermediates, have been targeted by hackers. Creating a fraudulent certificate SSL certificate can make it appear a person is visiting a legitimate website when in fact it is fraudulent.
Google was the victim of such an attack in 2011 after a Certificate Authority called DigiNotar was breached. Hackers generated at least 500 fraudulent SSL certificates.
- 2