14 DAY TRIAL // Google has upgraded all its SSL certificates to 2048-bit RSA or better earlier than it was originally scheduled.
“We have completed this process which will allow the industry to start removing trust from weaker 1024-bit keys next year,” said Dan Dulay, Google’s security engineer.
The Internet giant has been working since May to change all the key lengths, aiming to finish up the process by the end of 2013, which it has successfully done. Considering that Google’s original announcement came weeks before the Snowden leaks demonstrated that very few things on the Internet were safe anymore, the changes couldn’t have come at a better time.
Now, with the new encryptions, things should be a little more secure, or at least that’s what Google hopes. Longer key lengths for encryptions securing banking transactions, email communications, and other online services should be more difficult to break.
“The hardware security module (HSM) that contained our old, 1024-bit, intermediate certificate has served us well. Its final duty after all outstanding certificates were revoked, was to be carefully destroyed,” Google’s Dulay wrote in a blog post.
The Google Internet Authority, the intermediate certificate authority, will issue 2048-bit certificates for websites and online services.
SSL has been the default option for Gmail since 2010 and searches of logged-in users have been automatically encrypted since 2011. Two months ago, Google made SSL default for all searches, in an effort to add yet another layer of privacy.
The encryptions have thus far successfully fought off hackers, but it doesn’t mean they haven’t been trying to crack the system. The NSA has been far more successful in beating the protocols, something that cryptographer Bruce Schneier, who has been working with The Guardian on the Snowden files, believes has damaged the infrastructure of the Internet itself, making it more unsafe for everyone. This is particularly due to the backdoors the agency installed and that can be exploited by hackers and criminals.