Microsoft, Google, Mozilla Abandon RC4 Cryptographic Standard - InformationWeek

InformationWeek is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

IoT
IoT
Software // Enterprise Applications
Commentary
9/2/2015
01:05 PM
Larry Loeb
Larry Loeb
Commentary
50%
50%

Microsoft, Google, Mozilla Abandon RC4 Cryptographic Standard

With Microsoft, Google, and Mozilla turning against the RC4 cryptographic suite, the standard will likely die in 2016.

HTML5: 10 Tips That Will Change Your Life
HTML5: 10 Tips That Will Change Your Life
(Click image for larger view and slideshow.)

Something unusual happened in the browser arena on Sept. 1. Microsoft, Google, and Mozilla all simultaneously announced that their browsers will not support the RC4 cryptographic suite as of early 2016.

RC4 is a stream cipher that was first described in 1987. It has been widely used across Web browsers and online services for various purposes, mostly to enable "secure" connections under the TLS protocol.

However, recent attacks have shown that RC4 can be broken within hours or days. Typical attacks on RC4 exploit biases -- externally observable patterns -- in the RC4 keystream to recover repeatedly encrypted plaintexts. Cryptographers would call this a lack of "entropy" in the cypher.

These kinds of attacks on the cypher led the Internet Engineering Task Force to ban the use of RC4 in TLS negotiations as of February.

Microsoft's announcement stated the problem this way: "Microsoft Edge and Internet Explorer 11 only utilize RC4 during a fallback from TLS 1.2 or 1.1 to TLS 1.0. A fallback to TLS 1.0 with RC4 is most often the result of an innocent error, but this is indistinguishable from a man-in-the-middle attack."

Google was more direct about the problem. The search giant noted: "We plan to disable support for RC4 in a future Chrome release. That release is likely to reach the stable channel around January or February 2016. At that time, HTTPS servers that only support RC4 will stop working."

That time frame is the same that all three announced in their statements.

Google added: "Measurements show that only 0.13% of HTTPS connections made by Chrome users (who have opted into statistics collection) currently use RC4."

Google went on to describe RC4 usage in Chrome. "Current versions of Chrome don't advertise support for RC4 on an HTTPS connection unless the first connection attempt fails, so servers that already support a non-RC4 cipher suite will not see any change," according to Google.

So, Google thinks this is not really a large problem that they face here.

[Read about Chrome ending support for Flash-based ads.]

Mozilla, on the other hand, concedes that this action may cause some problems.

"There is a small but measurable population of servers out there that require RC4," according to Mozilla. "Scans by Mozilla QA team find that with current Aurora (whitelist enabled), around 0.41% of their test set require RC4, 820 sites out of 211k. Disabling the whitelist only results in a further 26 sites broken, totaling 0.4% of sites."

In any case, support for RC4 is going away in early 2016 for all of these browsers.

Server operators that have questions about what ciphers their TLS implementations contain can use the SSL Lab's tool to check out their particular installation.

Larry Loeb has written for many of the last century's major "dead tree" computer magazines, having been, among other things, a consulting editor for BYTE magazine and senior editor for the launch of WebWeek. He has written a book on the Secure Electronic Transaction Internet ... View Full Bio
We welcome your comments on this topic on our social media channels, or [contact us directly] with questions about the site.
Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
larryloeb
50%
50%
larryloeb,
User Rank: Author
10/12/2015 | 5:24:01 PM
Re: Disabling RC4
Yeah, RC4 has been known vulnerable for awhile now.

SHA-1 is next on the depreciate now list.
TejGandhi1986
50%
50%
TejGandhi1986,
User Rank: Apprentice
10/12/2015 | 3:20:38 PM
Disabling RC4
RC4 has risen to the forefront since a long time ,A Belgian researcher however broke the algorithm in a matter of 52 hours  .

It is a might be a good direction in disabling RC4 algorithm and to replace it with a stronger algorithm.It is interesting to know it will be replaced by which stronger algoorithm.

Thanks and Regards

Tej Gandhi

https://ca.linkedin.com/pub/tej-gandhi/2b/a88/a10

 
Slideshows
What Digital Transformation Is (And Isn't)
Cynthia Harvey, Freelance Journalist, InformationWeek,  12/4/2019
Commentary
Watch Out for New Barriers to Faster Software Development
Lisa Morgan, Freelance Writer,  12/3/2019
Commentary
If DevOps Is So Awesome, Why Is Your Initiative Failing?
Guest Commentary, Guest Commentary,  12/2/2019
White Papers
Register for InformationWeek Newsletters
Video
Current Issue
The Cloud Gets Ready for the 20's
This IT Trend Report explores how cloud computing is being shaped for the next phase in its maturation. It will help enterprise IT decision makers and business leaders understand some of the key trends reflected emerging cloud concepts and technologies, and in enterprise cloud usage patterns. Get it today!
Slideshows
Flash Poll