Two Security Bulletins: SHA-1 Collision Attack and Cloudflare Incident

By February 24, 2017 Security News No Comments

The only constant in security is change. As technology evolves, we work hard to stay one step ahead and ensure your information stays safe. Two stories broke recently that many in our community may be concerned about, so we’re here to answer your questions about what you as a LastPass user need to know.

Cloudflare

In summary: LastPass does not use Cloudflare and is not affected by their recent security incident.

What happened: Cloudflare is a SaaS company that helps optimize the security and performance of websites. On Thursday, February 23rd they warned customers about a recently-fixed vulnerability (disclosed by Google researcher Tavis Ormandy). While the vulnerability potentially exposed a range of sensitive information, we can confirm that LastPass does not use Cloudflare and is not affected.

However, LastPass users may have accounts on websites that do use Cloudflare. Therefore, if any services you use have disclosed that they were affected, we recommend updating your password. While the risk to those accounts is minimal, it’s better to be safe.

SHA-1 Collision Attack

In summary: LastPass users can feel secure knowing our hashing and our website are safe. For creating password hashes, LastPass uses iterated hashing with at least a SHA256 or better hashing component. HTTPS certs use at least SHA256 or better for the digest. As noted by the Google Security team, SHA-256 is a safer cryptographic hashing function.

What happened: Google Security Team recently disclosed the first known practical attack against SHA-1. SHA-1 (Secure Hash Algorithm 1) is a hashing function that dates back to 1995. Hashing is simply a one-way function (meaning it can’t be reverse-engineered) used to conceal and store data. It goes one step further than just encrypting something. SHA-1 is widely used for securing software, preventing tampering with software updates, and ensuring secure connections between websites and the customers that use them. However, SHA-1 has also been known to be vulnerable to theoretical attacks at least since 2005, and over the past few years Google has called for developers to move to other algorithms.

The new report, released on Thursday, February 23rd, shows how security researchers had achieved the first real-world collision attack against the SHA-1 hash function. This means two completely different files (in this case, PDFs) were used to produce the same SHA-1 signature. That’s not supposed to happen; each file should produce it’s own SHA-1 signature, otherwise a “fake” file could pass as the “true”, trusted file.

As we stated above, LastPass generates authentication hashes with PBKDF2 implemented with SHA-256, not SHA-1. Our website connection at LastPass.com is also secure, as our HTTPS certificate utilizes SHA-256, not SHA-1.

To be thorough, we are removing the use of SHA-1 in other areas of the product, such as the use of SHA-1 in the signing of the binaries. The risk there is very low and we are progressing with our planned removal of SHA-1 on an accelerated roadmap in the light of this collision report.

As always, we will be sure to keep our community up-to-date on any new developments.

Thank you,

The LastPass Team