In face of Flame malware, Microsoft will revamp Windows encryption keys

Starting next month, updated Windows operating systems will reject encryption keys smaller than 1024 bits, which could cause problems for customer applications accessing Web sites and email platforms that use the keys.

The cryptographic policy change is part of Microsoft's response to security weaknesses that came to light after Windows Update became an unwitting party to Flame malware attacks. It affects the Windows XP, Windows Server 2003, Windows Server 2003 R2, Windows Vista, Windows Server 2008, Windows 7, and Windows Server 2008 R2 operating systems, according to the Windows PKI blog written by Kurt L. Hudson, a senior technical writer for the company.

"To prepare for this update, you should determine whether your organization is currently using keys less than 1024 bits," Hudson writes. "If it is, then you should take steps to update your cryptographic settings such that keys under 1024 bits are not in use."
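One way to run the inventory Hudson describes on a single Windows machine, shown here as an added example that is not from Microsoft's blog or the original article. It walks the local certificate stores and lists certificates whose RSA or DSA public key is under 1024 bits; the parameter names and the helper function Get-PublicKeyBits are illustrative.

```powershell
# Added example: list certificates in the local Windows certificate stores
# whose RSA/DSA public key is shorter than a minimum length.
# $MinimumBits defaults to the 1024-bit floor described in the article.
param(
    [int]$MinimumBits = 1024,
    [string[]]$StoreRoots = @('Cert:\LocalMachine', 'Cert:\CurrentUser')
)

# Hypothetical helper: returns the public key size in bits, or $null when the
# key type cannot be read this way.
function Get-PublicKeyBits {
    param([System.Security.Cryptography.X509Certificates.X509Certificate2]$Certificate)
    try {
        # PublicKey.Key is available for RSA and DSA keys; other types throw.
        return $Certificate.PublicKey.Key.KeySize
    } catch {
        return $null   # for example an ECC key, which this check does not cover
    }
}

$findings = foreach ($root in $StoreRoots) {
    Get-ChildItem -Path $root -Recurse -ErrorAction SilentlyContinue |
        Where-Object { $_ -is [System.Security.Cryptography.X509Certificates.X509Certificate2] } |
        ForEach-Object {
            $bits = Get-PublicKeyBits -Certificate $_
            if ($null -ne $bits -and $bits -lt $MinimumBits) {
                [pscustomobject]@{
                    KeyBits    = $bits
                    Signature  = $_.SignatureAlgorithm.FriendlyName  # e.g. md5RSA, sha1RSA
                    Expired    = ($_.NotAfter -lt (Get-Date))
                    NotAfter   = $_.NotAfter
                    Subject    = $_.Subject
                    Thumbprint = $_.Thumbprint
                    Store      = $_.PSParentPath
                }
            }
        }
}

if ($findings) {
    $findings | Sort-Object KeyBits, Store | Format-Table -AutoSize -Wrap
} else {
    Write-Output "No RSA/DSA certificates under $MinimumBits bits found in: $($StoreRoots -join ', ')"
}
```

The scan covers only certificates installed in the stores of the machine it runs on; certificates presented by remote servers or embedded in in-house applications need a separate check.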

Even with preparation, updated machines may encounter problems, such as error messages when browsing to Web sites whose SSL certificates fall below the 1024-bit minimum. They may also have trouble enrolling for certificates when certificate requests use a key of 1024 bits or less, the blog says. Installing ActiveX controls signed with signatures of 1024 bits or less will also fail.

The same is true for installing applications signed with signatures of less than 1024 bits. The exception is applications signed before Jan. 1, 2010, which will be allowed by default, the blog says.

Cryptographic keys shorter than 1024 bits are too vulnerable to brute-force attacks, Microsoft says, a weakness that is widely, but not universally, recognized and dealt with.

The biggest challenge for businesses getting ready for the change will likely be with legacy, in-house applications that interact with Windows platforms, says John Pironti, president of IP Architects and the security track leader for Interop.

Microsoft and many other software vendors can readily update the rules under which they accept certificates, he says. It may not be that easy to alter the rules used by custom applications, and in some cases IT security pros may not recall all the places where smaller key sizes are used. "That box just works and nobody thinks about it," he says. "A lot of cases will be, 'Oh, we forgot,' or 'We don't know how to upgrade that cert.'"

Dealing with such cases manually will require time and money, he says. In addition to changing settings, some hardware may need to be replaced because larger keys sap more processing power. On maxed-out machines, the added computation could cause unacceptable delay.

Overall, though, the transition should be more of an annoyance than anything else, Pironti says. As certificates issued to businesses expire, they are generally replaced with certs using longer keys, he says, so there might not be so many that remain in use.

There are commercial tools for finding and automatically replacing certificates that are too short, Pironti says. Among them is Director made by Venafi, which contributed to the latest NIST Information Technology Laboratory bulletin on certificate authority compromise and fraudulent certificates.

NIST currently has set a deadline of Dec. 31, 2013 for when entities ought to stop using 1024-bit RSA and DSA encryption. "However, since such keys are more and more likely to be broken as the 2013 date approaches, the data owner must understand and accept the risk of continuing to use these keys to generate digital signatures," according to a special publication called "Transitions: Recommendation for Transitioning the Use of Cryptographic Algorithms and Key Lengths" published in 2011.

Microsoft is updating its operating systems in the wake of the Flame malware used to spy on networks in Iran. Flame exploited Microsoft's use of the MD5 hashing algorithm in authenticating Windows Update. Microsoft officially disallowed its use in 2009 but failed to weed it out of its own products, particularly Terminal Server Licensing Service. Researchers figured out how to compromise MD5 using what they call collision attacks to obtain fraudulent certificates that are accepted as real.

Since Flame was publicized, Microsoft has started a campaign not only to shut down use of MD5 but also to beef up other areas that have not fallen victim to attackers.

The August update will follow on yesterday's security advisory revoking trust for 28 certificates that fail the company's own recently upgraded security standards for the public key infrastructure underpinning Windows Update.

(Tim Greene covers Microsoft for Network World and writes the Mostly Microsoft blog. Reach him at and follow him on Twitter!/Tim_Greene.)
