Cryptographic hashes form the basis of certificate-based message authentication in virtually all Internet protocols. With the use of SHA-1 hashing algorithm now considered unsafe, organizations have been rapidly migrating to SHA-2. All major browser vendors will soon stop supporting SHA-1 signed certificates.
Moving to SHA-2 presents a complex problem due to the integral nature of hash algorithms within PKIs, as well as various industry and application incompatibilities with SHA-2. Thales eSecurity Advanced Solutions Group (ASG) can help you securely manage the complexities of this critical migration.
Updating to SHA-2 can be complicated by compatibility issues with older Android and Windows OSs still widely used today, as well as new and legacy versions of Microsoft Office.
The more complex and aged your PKI, the more likely you are to encounter incompatibilities. For example, earlier supervisory control and data acquisition (SCADA) systems, payment systems based on hardened versions of Windows XP, older BYOD handsets, and even simple applications like macro signing can present challenges.
Thales eSecurity ASG has the experience to help you work around incompatibilities between SHA-2 and the applications you may be using in your PKI.
- Expertise to help you efficiently select among migration options
- In-depth knowledge of complexities to help you avoid pitfalls and mitigate risks
- Thorough upfront planning to minimize downtime