Posted on Feb 23, 2017 by PIA Team

Private Internet Access is safe – On SHA-1 Security


private internet access announcement

The team behind shattered.it has recently released a practical attack on SHA-1. We want to put our users at ease by clarifying that the current attack on SHA-1 is not an attack on HMAC-SHA1.

HMAC is an specific type of messaging authentication that utilizes a hash function. Despite its use of the hash function, though, its security is substantially stronger than the security of the underlying hash function used. The lack of security against collisions on SHA-1 doesn’t imply a lack of security of HMAC-SHA1.

All of our VPN packet authentication happens with HMAC-SHA-1 and is therefore safe from the security issues found by the collision attack found on SHA-1. Therefore, for now we won’t be deprecating the use of HMAC-SHA1. We’ll nonetheless keep an eye on developments of any indication of a break on HMAC-SHA1 and will move to HMAC-SHA256 if it seems necessary.

Keep in mind you can also change your encryption settings on the “Encryption” tab on our VPN client if you want to switch your connection to use HMAC-SHA256 instead, among other choices of data encryption and handshake.

All of our certificates use SHA-256 or above and are therefore not affected by this collision attack.

We’re always committed to protecting your privacy and ensuring your security on the internet.

References:
http://cseweb.ucsd.edu/~mihir/papers/hmac-new.html

Other discussions by experts:
https://www.schneier.com/blog/archives/2005/02/sha1_broken.html
https://twitter.com/SteveBellovin/status/834756917037789185
https://twitter.com/jedisct1/status/834751306057338881
https://twitter.com/matthew_d_green/status/594302564700553216


VPN Service

Leave a Reply

Your email address will not be published. Required fields are marked *

3 Comments

  1. makapav

    Thank you for releasing this. I know I’ve sided with the right team for my privacy.

    10 months ago
    Reply
  2. Jay Witchikle

    Thanks for sharing this. I hope I got this with my Astrill network.

    9 months ago
    Reply
  3. Miro Avramoff

    Thank you for sharing this. But does it means, that with sha-1 we will have enough security with more speedy traffic? Alsaw, sorry, that I haven’t did my research on that topic, but it is enough secure to be used RSA-2048 and and AES-128? Just because they provide a very faster Internet experience…

    And above all: Thank you PIA for creating that Extension for Chrome, which actually is the only one current security solution for Chrome OS on Chromebooks and Chrome OS devices!

    6 months ago
    Reply