Google plans to upgrade all of its secure sockets layer (SSL) cryptographic protocols certificates to the stronger 2048-bit RSA keys by the end of the year.
The company began the upgrade process in May this year, security engineer Robert Dulay wrote on the Google Online Security Blog yesterday.
Recent revelations of intelligence agency spying have played a part in driving Google's decision to implement stronger security, Dulay explained.
"The deprecation of 1024-bit RSA is an industry-wide effort that we’re happy to support, particularly in light of concerns about overbroad government surveillance and other forms of unwanted intrusion," he said.
While only 768-bit RSA has been factored and cracked so far, 1024-bit is thought to be breakable. The United States National Security Agency (NSA) is rumoured to be working on decoding it using specialised hardware.
Despite concerns that connections secured with 1024-bit keys could be prized open, Dulay said this is not possible as Google uses Forward Secrecy for its internet properties.
Forward Secrecy does not keep private keys for encrypted connections in persistent storage, meaning an attacker that captures one won't be able to decrypt, for example, past Gmail traffic.
RSA previously offered cash prizes for factorisation of numbers, up to US$200,000 for RSA-2048. However, the larger number isn't thought to be factorisable for many years to come.
-1.jpg&w=100&c=1&s=0)
.png&w=100&c=1&s=0)
