Google has announced it's completed the upgrade of all its SSL certificates to 2,048-bit RSA or better. Earlier this year the internet search giant had revealed plans to start switching to the new 2,048-bit certificates on August 1st, with the goal of completing the upgrade by the end of the year. "Coming in ahead of schedule, we have completed this process", Google security engineer Dan Dulay said.
The use of 2,048-bit keys will make it very difficult for hackers as well as government agencies to crack the SSL connections that encrypt the company's communication over the internet. Google said that the company is "Happy to support" the deprecation of 1,024-bit RSA and hopes that the upgrade will help the industry to retire the existing encryption technology.
Despite terming the 1,024-bit encryption as weak, the company maintained that the confidentiality of SSL connections to its services from modern browsers was never dependent on 1,024-bit RSA keys due to the use of Forward Secrecy – a technology that uses different encryption keys for different sessions, making it difficult to decrypt a bulk of messages through a single key.
After revocation of all outstanding certificates, the company has also destroyed the hardware security module (HSM) that contained its 1,024-bit intermediate certificate, letting Google Internet Authority G2 to issue 2,048-bit certificates.
Google has been working hard to tighten its data security ever since the documents revealing NSA's spying operations were made public by NSA whistleblower Edward Snowden.