Business Focused IT Support

SHA1 SUPPORT ENDING IN 2016

by Nicki Dowsett in DNS Web Hosting, SHA1 Algorithm, SHA2 Algortihm, SSL Certificates

SHA1 SUPPORT ENDING IN 2016

For many internet users we simply enter the website address we require and browse – we don’t worry about all the technical information and algorithms going on in the background.  Quite simply we don’t need to know and we access information on the world wide web at our leisure.

There are a number of people in the world that unfortunately spend a lot of time and make money by trying to break the cryptographic algorithms in the back ground.  More commonly known as hackers.  We have all recently seen the news stories of large organisations being hacked and customer details stolen – Talk Talk and VTech being the most recent to hit the headlines.  Hackers are constantly looking at ways to break the system.

SHA1 is one of the most crucial cryptographic algorithms, and has for a long while been the algorithm supported by all browsers.  This is a hash function that can be used to map digital data of arbitrary size to digital fixed size.  In terms for you and me, it basically takes a section of text, computer code or other message and encrypts it to a long string of letters and numbers, individual to that message.  Any slight change to the message would mean a new hash must be generated.  This allows data to remain secure, like a fingerprint the hash must always be unique.  If the hash is not unique the door can be opened and this is when hackers can get access to secure information on banking sites, downloads and websites.

It has recently been announced that in 2016, many browsers will no longer support SHA1.  Its replacement SHA2 will be algorithm supported in the back ground by newer web browsers, however some of the older browsers will not be able to support this new algorithm. It is therefore essential that you ensure your web browser is the latest available version.  This isn’t the first time the algorithm has needed to be updated.  Back in 2008 following a number of attacks on MD5 (a previous algorithm), SHA1 was implemented.  However it took till 2013 to get all browsers to support SHA1 as opposed to MD5.  With technology constantly changing and getting faster SHA1 is now potentially open to attack.  In fact cryptographers have been warning since 2012 the advances of technology means that SHA1 could also be openly attacked.

According to Cloudflare.com  SHA2 is supported by at least 98% of browsers so many of us won’t even be aware of the potential threat.  If you are not on one of the web browsers supported by SHA2 when you try to access an encrypted site you will see the page cannot be displayed error.

We recommend that you ensure you are using one of the newer web browsers.  Should you require any assistance in updating your browsers or have any questions please contact our help desk team.

Additionally MPR IT can offer services relating to your business web site including SSL Certificates (Secured Socket Layer) and Domain hosting on our own DNS servers.

SSL CERTIFICATES

SSL Certificates create an encryption between your web server and your visitor’s web browsers to allow private information to be kept secure without the risk of data being tampered with. They are typically used on sites that have a secure log in area with password protection or where customers buy products directly from your site allowing transactions to remain secure.  When a SSL certificate is used on a website you will see a padlock in the web browsers or the start of the web address will be https://.  This means that only the business that owns the website can access secure data.  Most SSL certificates will only apply to one domain name, however please contact us to discuss your options should you have more than one registered domain name for your business.

NEW DNS SERVER & WEB HOSTING

Many of our clients use MPR to host business web sites on the internet.  In order to do this MPR uses a number of different hosted DNS (Domain Name Server)/Nameservers. A DNS is effectively a phonebook for the internet, maintaining a directory of domain names and translates these to IP addresses.

When you request a site such as www.mpr-it.co.uk it will check the nameservers for the web address, and then grab the I.P (telephone number) behind the name and point you to the “property” the “telephone number” belongs too. (The property being the webserver). This is a brief explanation but DNS “records” are responsible for pointing your businesses email, website, servers etc. to the correct “telephone numbers” of your “property”.

We are able to lease space to our clients to store their web site and any data associated with it.  With the recent installation of a new DNS we are able to offer a more stable and resilient service to our clients, with improved failover, custom branded nameservers and various reporting utilities (on request).

Should you wish to discuss the services that we can offer your business or if you feel that the issues covered in this blog may affect you Please contact MPR IT on 0800 030 20 30 or info@mpr-it.co.uk

Tags: , , , , ,

Comments are closed.