All products
Microsoft’s Long Battle to Deprecate RC4: A Decade-Long Effort to Enhance Security
Microsoft has been working to deprecate the RC4 cryptographic algorithm for over a decade, but the task has proven to be a challenging one. According to Steve Syfuhs, who runs Microsoft’s Windows Authentication team, the difficulty lies not in the algorithm itself, but in its widespread adoption and the complex rules governing its use.
RC4 has been present in every OS shipped over the last 25 years and was the default algorithm for a long time, making it a daunting task to kill off. Syfuhs explained that the problem is not the algorithm’s existence, but how it is chosen and the rules that have spanned 20 years of code changes. Over the years, developers have discovered numerous critical RC4 vulnerabilities that required “surgical” fixes, which made it difficult for Microsoft to deprecate the algorithm.
No Salt, No Iteration: The Weaknesses of RC4
The RC4 algorithm has known cipher weaknesses that make it insecure, and its implementation in Active Directory authentication uses no cryptographic salt and a single round of the MD4 hashing function. This lack of salt and iteration makes it easier for hackers to crack passwords, as it requires less time and resources. In contrast, Microsoft’s implementation of AES-SHA1 is much slower and iterates the hash to further slow down cracking efforts, making it a more secure option.
Syfuhs noted that Microsoft considered deprecating RC4 by this year but ultimately “punted” after discovering vulnerabilities that required still more fixes. However, the company introduced some “minor improvements” that favored the use of AES, which led to a significant drop in RC4 usage. “Within a year we had observed RC4 usage drop to basically nil,” Syfuhs said. “This is not a bad thing and in fact gave us a lot more flexibility to kill it outright because we knew it genuinely wasn’t going to break folks, because folks weren’t using it.”
Challenges and Solutions
Microsoft’s efforts to deprecate RC4 were not without challenges. The company had to navigate complex code changes and ensure that the transition to more secure algorithms did not disrupt existing systems. Syfuhs documented the additional challenges Microsoft encountered and the approach it took to solving them, providing valuable insights into the complexities of cryptographic algorithm deprecation.
Windows admins would do well to audit their networks for any usage of RC4, as it may still be active despite its known weaknesses. Given its wide adoption and continued use industry-wide, it is essential to ensure that more secure algorithms like AES-SHA1 are being used. For more information on Microsoft’s efforts to deprecate RC4 and enhance security, visit Here
Image Credit: arstechnica.com