Efforts to upgrade from the use of the Secure Hash Algorithm (SHA)-1 standard, to SHA-256 are well underway by information technology professionals throughout the Department of Defense (DoD), other federal government agencies, academia, businesses, and private institutions. This upgrade provides all parties with the means to resist cryptanalytic attacks directed at a weakening SHA-1 standard.
In addition to the cybersecurity benefit derived from the upgrade, use of a common SHA standard across the federal government facilitates information sharing interoperability between the government and commercial partners.
The upgrade has been a DoD cybersecurity priority for several years; however, development of a plan to mitigate mission impact presented a challenge. The department’s successful deployment of strong identity authentication technology with the issuance of the Common Access Card (CAC) using SHA-1, and the deep integration of this technology across our system access strategies per national policy, as well as other factors, combined to make the upgrade a massive, multiphase network operation requiring close coordination by all parties involved.
In addition, prior to initiating upgrade activities, organizations also needed to upgrade operating systems and applications that supported the use of SHA-256. The DoD approach to these challenges was to progressively move forward with incremental supporting actions, with each decision to execute prioritized by senior leadership consideration of overall mission impact, cyber-threat risk and, of course, cost.
What is SHA-256?
SHA-256 is a one-way cryptographic hash function, which when used in conjunction with other cryptographic algorithms, such as a digital signature algorithm, enables a number of crucial network security services or operations. Most network security professionals would not consider it an overstatement to say that our ability to successfully perform security services, such as confidentiality, integrity authentication, source authentication and authorization, and non-repudiation, are directly dependent on the unfailing cryptographic properties of the employed SHA standard — which in this case is SHA-256.
Prior to this upgrade, SHA-1 served as the cryptographic hash function of choice for government and industry alike. However, as is typically the case for most cryptographic products, over time the ability of the product to deter cryptanalytic attacks decreases as the computing power necessary to defeat its cryptographic properties increases. In anticipation of this phenomenon, the National Institute of Standards and Technology (NIST) led the development of the SHA-256 standard to replace SHA-1. Since SHA-256’s development, NIST has gone on to develop yet another cryptographic hash algorithm for public use, namely SHA-3. However, NIST has stated that there is no current need to transition applications from SHA-256 use to SHA-3.
Public Key Infrastructures (PKIs), to include the DoD PKI, rely on SHA-256 cryptographic properties to ensure it is infeasible for an attacker to create another valid digital certificate, Certificate Revocation List (CRL), or Online Certificate Status Protocol (OCSP) response with the same hash. SHA-256 use supports PKI digital certificate authentication and code-signing for the purpose of software authenticity. It is also used to support integrity in data communications protocols, such as Secure Socket Layer (SSL)/Transport layer Security (TLS) protocols.
Planned Upgrade Activities and Dates
On Dec. 10, 2015, the DoD CIO released a policy memorandum, titled “Revised Schedule to Update DoD Public Key Infrastructure Certificates to Secure Hash Algorithm-256.” This memorandum revises previously directed DoD SHA-1 to SHA-256 transition plans, essentially moving their completion timeline forward by approximately one year. The upgrade requires that parties responsible for PKI-related activities at the enterprise and local level of network operations coordinate the execution of assigned tasks.
The DoD cessation of SHA-1 use will not occur immediately. Instead, DoD Non-classified Internet Protocol Network (NIPRNet) systems will simultaneously support SHA-256 and SHA-1 credentials for a period of time in order to allow currently issued CACs to remain operational until their expiration date.
Based on the DoD upgrade policy, Department of the Navy organizations will issue appropriate implementation guidance to ensure completion of upgrade activities.
To ensure the success of all upgrade activities, DON IT professionals, including those not directly responsible for the upgrade, must remain alert to potential operational conflicts and work with non IT leadership to resolve these issues well in advance of scheduled completion timelines.
Roddy Staten is a Certified Information Systems Security Professional (CISSP) on the Cybersecurity Team in the office of the DON Chief Information Officer (DON CIO).
Additional Information:
SHA-256 Coordination – http://iase.disa.mil/pki-pke/Pages/index.aspx
NIST Comments on Cryptanalytic Attacks on SHA-1 – http://csrc.nist.gov/groups/ST/hash/statement.html
NIST Policy on Hash Functions – http://csrc.nist.gov/groups/ST/hash/policy.html
Secure Hashing – http://csrc.nist.gov/groups/ST/toolkit/secure_hashing.html
DON CIO – http://www.doncio.navy.mil