Posted on Feb 23, 2017 by PIA Team

Private Internet Access is safe – On SHA-1 Security


The team behind has recently released a practical attack on SHA-1. We want to put our users at ease by clarifying that the current attack on SHA-1 is not an attack on HMAC-SHA1.

HMAC is a specific type of message authentication code that uses a hash function. Despite its use of the hash function, though, its security is substantially stronger than the security of the underlying hash function. The lack of security against collisions on SHA-1 doesn’t imply a lack of security of HMAC-SHA1.
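
The point above can be seen on a small scale with the following added example, which is not PIA's code. It assumes a toy Merkle-Damgård hash with a deliberately tiny 24-bit state (constructed here so a collision is cheap to find) and a hypothetical key; `toy_hash`, `toy_hmac` and `find_collision` are names invented for the illustration. A pair of messages that collides under the public IV no longer collides once the RFC 2104 HMAC construction prepends the secret key block.

```python
import hashlib
from itertools import count

BLOCK = 8   # toy block size in bytes (constructed for this example)
STATE = 3   # 24-bit chaining value: weak on purpose so collisions are cheap
IV = b"\x00" * STATE

def compress(state, block):
    """Toy compression function: SHA-1 of state||block, truncated to STATE bytes."""
    return hashlib.sha1(state + block).digest()[:STATE]

def toy_hash(msg):
    """Merkle-Damgard hash with a fixed public IV, structured like SHA-1 but tiny."""
    padded = msg + b"\x80" + b"\x00" * (-(len(msg) + 1) % BLOCK)
    padded += len(msg).to_bytes(BLOCK, "big")   # length strengthening
    state = IV
    for i in range(0, len(padded), BLOCK):
        state = compress(state, padded[i:i + BLOCK])
    return state

def toy_hmac(key, msg):
    """RFC 2104 construction over toy_hash: H((K^opad) || H((K^ipad) || m))."""
    if len(key) > BLOCK:
        key = toy_hash(key)
    key = key.ljust(BLOCK, b"\x00")
    ipad = bytes(b ^ 0x36 for b in key)
    opad = bytes(b ^ 0x5C for b in key)
    return toy_hash(opad + toy_hash(ipad + msg))

def find_collision():
    """Birthday search for two distinct one-block messages with equal toy_hash."""
    seen = {}
    for n in count():
        msg = n.to_bytes(BLOCK, "big")
        digest = toy_hash(msg)
        if digest in seen:
            return seen[digest], msg
        seen[digest] = msg

def demo(key=b"vpn-key!"):   # hypothetical key, constructed for the example
    m1, m2 = find_collision()
    hash_collides = toy_hash(m1) == toy_hash(m2)
    mac_collides = toy_hmac(key, m1) == toy_hmac(key, m2)
    return m1, m2, hash_collides, mac_collides

if __name__ == "__main__":
    m1, m2, hash_collides, mac_collides = demo()
    print(m1.hex(), m2.hex(), "hash collides:", hash_collides,
          "HMAC collides:", mac_collides)
```

The collision search works only because the chaining value starts from a known IV; inside HMAC the state after the key block is unknown to anyone without the key.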

All of our VPN packet authentication uses HMAC-SHA1 and is therefore not affected by the collision attack on SHA-1. For now, we won’t be deprecating the use of HMAC-SHA1. We’ll nonetheless watch for any indication of a break in HMAC-SHA1 and will move to HMAC-SHA256 if it seems necessary.

Keep in mind that you can also change your encryption settings in the “Encryption” tab of our VPN client if you want to switch your connection to HMAC-SHA256 instead, among other choices of data encryption and handshake.

All of our certificates use SHA-256 or above and are therefore not affected by this collision attack.

We’re always committed to protecting your privacy and ensuring your security on the internet.




  1. makapav

    Thank you for releasing this. I know I’ve sided with the right team for my privacy.

    2 years ago
  2. Jay Witchikle

    Thanks for sharing this. I hope I got this with my Astrill network.

    2 years ago
  3. Miro Avramoff

    Thank you for sharing this. But does it mean that with SHA-1 we will have enough security with more speedy traffic? Also, sorry that I haven’t done my research on that topic, but is it secure enough to use RSA-2048 and AES-128? Just because they provide a much faster Internet experience…

    And above all: Thank you PIA for creating that Extension for Chrome, which is actually the only current security solution for Chrome OS on Chromebooks and Chrome OS devices!

    1 year ago