As everyone is talking about phasing out SHA-1 and Microsoft had announced their deprecation plan for SHA-1 already, I would like to dedicate a full blog post to talk about Cryptographic Providers and the role they play when it comes to supporting SHA-2
It cannot be ignored that basic knowledge about this topic is necessary when you phase out SHA-1 in your enterprise and start using/issuing new certificates that uses SHA-2 hash function.
I highly recommend that you read my previous blog post talking about hash functions, and why SHA-1 should be phased out. This blog post shows how to move away from SHA-1 and gradually move to SHA-2.
In Summary, your choice to move away from SHA-1 and start using SHA-2 depends directly on the type of Cryptographic Providers you are using.
What is Cryptographic Provider?
Cryptographic Provider is the component that performs cryptography algorithms, generates keys, provides key storage and authenticates users. This provider can be implemented in hardware, software, or both. Those providers are created by Microsoft, or by third party that distributes them.
In Microsoft Windows, two implementations are available:
- Microsoft Cryptography API (CryptoAPI)
- Cryptography API: Next Generation (CNG)
Active Directory Certificate Services and Certificate Enrollment API rely on those two providers. Other applications can use CryptoAPI or CNG to use the services they offer, but they cannot alter the cryptographic algorithm implementation or alter the keys created by those providers. This layer of security and such abstraction is the key goal for creating those providers in the first place. So if your application needs to create encryption or signing keys, they can use those providers in Windows to generate the key pairs so that they can signed later by a trusted Certification Authority.
This is the older of the two providers in Windows. this provider implements both:
- Key Storage
- Cryptographic algorithm
So a specific CryptoAPI provider will list its key storage capabilities and its supported cryptographic algorithms. Saying that, if you give me a specific CryptoAPI provider, I can list you its cryptographic algorithms and its key storage capabilities. You can refer to this MSDN article to see the capabilities of each CryptoAPI provider.
Cryptography API: Next Generation (CNG)
First introduced in Windows Vista, and it is meant to replace the old CryptoAPI. I cannot mention here everything about CNG, but it is worth mentioning that the new provider has kernel mode API that implements threat safety throughout the stack, provides process isolation for its operations and extensive auditing features.
One of the great features of CNG is backward compatibility. CNG provides support for the current set of algorithms in CryptoAPI 1.0. Every algorithm that is currently supported in CryptoAPI 1.0 will continue to be supported in CNG.
CNG came to comply with Federal Information Processing Standards (FIPS) 140-2, and it supports new enhanced algorithms. These new algorithms are called Suite B algorithms. These algorithms are announced by the National Security Agency NSA for future U.S government use back in 2005.
Well, enough with the standards. What this means? It means that CNG now supports Elliptic curve cryptography (ECC) which is a new approach for public key cryptography. In addition, CNG supports AES (all key sizes), the SHA-2 family (SHA-256, SHA-384 and SHA-512) of hashing algorithms, ECDH, and elliptic curve DSA (ECDSA).
Unlike Cryptography API (CryptoAPI), CNG separates cryptographic providers from key storage providers (KSP). CNG includes:
- Cryptographic Algorithm Provider that includes Symmetric, Asymmetric, Hashing and Key Exchange algorithms listed here.
- CNG Key Storage Provider (KSP) that is used to create,delete,export,import, open and store keys. There are many CNG KSP providers and they are listed here.
In summary, if you are using any CNG KSP provider, then you can use any of the algorithms available in the CNG Cryptographic Algorithm Provider , including SHA-2.
It is highly recommended to move to CNG KSP for your Certification Authority server in order to support SHA-2. Since CNG is available only on Windows Server 2008 or higher, you may need to upgrade your CA server.
Which provider my CA is using?
Run the following command from CMD on your CA:
Certutil –store my <Your CA common name>
For example, if you run Certutil -store my “Corporate Contoso CA” , the output will look like this:
From the picture you can see Provider = Microsoft Storage Key Storage Provider , which indicates the name of the KSP used , thus CNG provider is used.
How do I know that? If you go to this MSDN page, it will list the CNG Key Storage Providers in Windows:
What is next?
In your journey to phase out SHA-1 and start using SHA-2, you need to identify if you are using the legacy CryptoAPI providers or the new CNG Key Storage Providers. Accordingly, you may need to move to CNG KSP, and may be upgrade your CA Windows version accordingly to at least Windows 2008. Future posts will illustrate the whole process.