Secure Socket Layer (SSL) technology has been and is still at the heart of secure web communication for just about as long as there has been a commercial internet. Based on algorithms developed by RSA, SSL certificates are available from more than several certificate authorities. Verisign built an Internet powerhouse on the basis of its SSL business. Consumers have grown up knowing that when they see that closed lock in their browser they can be confident that their communication is secure.
Lately, though, the fact that the lock was there has not always meant all was well. There have been incidents of forged certificates, hacking into Certificate Authorities, and the planned phase out of the 1024-bit RSA certificates. The fear is that with the pure computational power available today, the venerable 1024-bit certs could be brute forced. NIST has mandated the move to a new 2048-bit RSA standard.
Some are questioning whether the new 2048 certs are strong enough. But a bigger issue is the larger the bits of encryption, the more time and cycles it takes to use on both servers and in browsers. Moving up to 2048 bits is going to make an impact on speed and resources. Worse, if we have to move to 3072 bits, the load on servers and browsers is even worse. As you go up the ladder in bits, the load becomes increasingly more heavy.
Yes, the good old SSL is a little bit long in the tooth. Seems like a good refresh might be in order. The good news is that a refresh is coming, too. In addition to upgrading to the 2048-bit RSA standard, we now have two new standards for SSL. One is the DSA standard developed by the NSA. It uses a different algorithm then the RSA certificate, but in terms of size, the new NIST standard would require a 2048-bit certificate.
Another option is the Elliptic Curve Cryptography (ECC) algorithm. At only 256 bits, it is much smaller and therefore easier on the resources of both servers and endpoints. You can read a lot about it and about Symantec's new SSL certificates coming out that support it in a good article by Ellen Messmer here. The chart below shows some of the advantages of ECC.
By the way, those new Symantec certs support all three algorithms. Other certificate authorities are offering some "hybrid" ECC support. Symantec, as the owner of the Verisign business, is way out in front there, though. It has already ceded the ECC root in most of the major browsers, and most web servers have support for it as well. The question will be how quickly the ECC standard is adopted by other authorities and users of SSL certificates. But it would seem the advantages of ECC lead to its inevitable adoption.
But there is more news on the SSL front as well. The major certificate authorities have formed a new industry association to bring some leadership to the SSL certificate industry. Not a standards body, the new CA Security Council, according to this article on Dark Reading, "plans to serve as a research, security advocacy, and education organization for the SSL CA world, its founders say. It plans to support the work of the CA/Browser Forum and other standards bodies, and to help develop enhancements to SSL and the security and operation of the CA process."
By the way, there is a great FAQ on SSL over at the CASC site. If you are not up on SSL technology, have sort of just gone with the flow and want an easy to understand explanation, it is a good place to start.
In the meantime, that wily old padlock looks like it is getting another chance. With new technology and Certificate Authorities working together, we can probably all sleep easier.