Among the changes pushed by Microsoft on Oct. 9 as part of its monthly ritual known as Patch Tuesday, the company installed a new minimum standard for the size of encryption keys used to sign digital certificates. From now on, computers accepting updates directly from Microsoft will no longer accept digital certificates signed with RSA keys smaller than 1024 bits.
The move is part of Microsoft’s continuing efforts to tighten up security around its certificate issuing process. That process embarrassed the company last June when it was discovered that a cyber espionage program called Flame contained a feature that compromised Windows updates.
Flame found a way to issue bogus certificates signed by Microsoft. The certificates were used to divert requests to update Windows from healthy machines to infected machines. Those machines then pushed infected Windows updates to the healthy machines, creating more infected machines.
Microsoft quickly addressed the certificates situation, so quickly that some security experts felt that the company may have known about the vulnerability exploited by Flame but was holding off on fixing it until it launched Windows 8. At that time it was predicted that Microsoft would change the length of the keys it uses for its certificates, which it did on Oct. 9.
In a security advisory, Microsoft explained that the private keys used in certificates with RSA keys less than 1024 bits in length are too easy to crack. Once compromised, certificates could be duplicated by an attacker and they could be used in all kinds of mischief, such as spoofing content, performing phishing attacks and launching man-in-the-middle forays.
In public key cryptography, two encryption keys are used. A public key is used to encrypt data. A private key is used to decrypt it. Public keys are widely distributed so anyone can encrypt data and send it to the owner of the public key. That data can only be decrypted, however, with the private key, which the owner is supposed to keep secure.
Digital certificates are used to tell a person who owns a particular public key. The certificate is an electronic credential used to certify the online identities of individuals, organizations and computers. A certificate includes the public key, plus information about it — who owns it, what it can be used for, when it expires and such.
A digital certificate can only be created by the person who has the private key for the certificate. An attacker can try to guess what the key is. That’s usually done by what’s called a “brute force” attack. Such mathematical assaults can take a lot of computing power. However, the shorter a private key is, the easier it is to crack.
“Using modern hardware, keys less than 1024 bits in length can be successfully guessed in a short amount of time,” Microsoft explained.
Since 512-bit RSA keys were introduced in 1999, computing power has increased a tad, making the technology unsafe.
In its advisory, Microsoft explained that the new changes affect only applications and services that use RSA keys for cryptography and call into the CertGetCertificateChain function. Applications and services impacted by the change included encrypted e-mail, SSL/TLS encryption channels, signed applications and private PKI environments.
Certificates that do not use RSA are not affected by the update.