Advanced Cryptography

Entrust SSL Certificates, Powered by SHA-2 Security

Developed by the National Institute of Standards and Technology (NIST), SHA-2 represents the most current set of cryptographic hash functions. At a micro level, SHA-2 is based on a set of four hash functions — 224, 256, 384 or 512 bits — which strengthens the original SHA-1 hash function released in 1995 by the NIST.

To provide more compatibility, Entrust Certificate Services customers have the choice to sign any Entrust digital certificate with SHA-1 or SHA-2. And best of all, the option to use this advanced level of cryptography, based on the SHA256 implementation, is offered to Entrust customers at no extra cost.

In fact, the SHA-2 standard may be used with any of Entrust's digital certificates, including EV Multi-Domain SSL Certificates, Advantage SSL Certificates, Standard SSL Certificates, UC Multi-Domain SSL Certificates and Wildcard SSL Certificates. SHA-2 is even available with Entrust's signing and user digital certificates, including Adobe CDS, Secure Email and Code Signing.

Though most organizations won't experience any compatibility difficulties, some older systems — such as those running Microsoft Windows XP SP2 (or older) or outdated Web browsers — are unable to support SHA-2 encryption. In these situations, administrators will need to either use SHA-1 certificates or upgrade these systems to SHA-2-supported configurations.

What is SHA?
SHA, or Secure Hash Algorithm, is one of the foundation algorithms used in public key cryptography. First published in 1993, SHA encryption is organized in a series that continue to evolve but not necessarily built upon its predecessor. To date, the hash algorithms were released as SHA-0 (1993), SHA-1 (1995) and SHA-2 (2001). The next version, SHA-3, is under development and yet to be released.

What's Next for SHA?
While organizations are currently standardizing on SHA-2, cryptographers have been building the foundation of SHA-3 since 2008. Though a SHA-3 release date has not been announced, the NIST is sponsoring an open competition to develop the next hash algorithm.

Only five SHA-3 hash entries advanced to the third and final round. Scheduled for early 2012, a final candidate conference will take place to discuss community feedback and findings. The next SHA-3 cryptographic hash algorithm is expected to be announced in late 2012.

Want to know more?

Explore Entrust's comprehensive portfolio of digital certificates.

Learn more

EV Multi-Domain SSL Certificates

Entrust SSL certificates provide encryption-based security of sensitive information for websites and are the solution of choice for IT administrators charged with protecting their customer's transactions. Entrust SSL products are designed to meet and exceed even the most rigorous enterprise security standards, including guidelines stipulating scalability, manageability, and cost effectiveness while providing robust 256k-bit end-to-end encryption of customer interactions.

Entrust offers a range of SSL related products, including EV SSL certificates, which effortlessly integrate into an organization's existing e-commerce platform to provide a superior standard of web-based transactional security. EV Multi-Domain SSL Certificates denote the integrity of a website by requiring Entrust, the SSL certificate provider, to verify the identity and domain of the site owner prior to issuing an SSL secure server certificate. This additional layer of validation is signaled by a green address bar in major browsers, use of the https SSL protocol, and a badge from Entrust indicating the advanced level of security — all resulting in a higher level of consumer trust.

For over a decade, Entrust has been a leading provider of e-business solutions that secure online communications and transactions for enterprises.