It\u2019s been a raucous few months in crypto circles. In a staid, mathematical world long accustomed to incremental changes, new developments are coming as fast as Chrome browser updates.I\u2019m not sure what\u2019s behind the breaks, but crypto cracking suddenly seems to have accelerated. Here\u2019s a quick roundup of what\u2019s been going down -- and advice for those of you still relying on the SHA-1 hash algorithm.Encryption madnessFirst of all, researchers recently revealed that 512-bit RSA keys can be broken in four hours for $75. Yes, 512-bit RSA keys have been known to be unusably weak for a long time, but the researchers found that nearly 7 percent of websites and more than 10 percent of email servers still use them. (Even bleeding-edge DNSSec adopters work with them.) What has changed? Anyone can rent a slice of cloud computer time, throw in some GPUs, and break the keys for less than what you might pay to check two pieces of luggage at the airport.For more than a decade, we\u2019ve been told that elliptical curve cryptography (ECC) is supposed to replace RSA. That advice is so last month. Now the NSA recommends that everyone skip over ECC, though the reasons aren\u2019t clear. The NSA blames quantum computing gains, but others feel the agency must have discovered some math that shortcuts the hard equations meant to provide protection.Even if you have appropriately sized keys, it turns out that cracking a large percentage of Diffie-Hellman exchanges can probably be accomplished by more parties than we thought. It turns out that many encryption programs use the same shared prime number -- and many more share only two or three of them. The authors of a blog post discussing the underlying landmark paper on this subject say it best: \u201c\u2026 one-time investment in massive computation [which the NSA and others likely have] would make it possible to eavesdrop on trillions of encrypted connections.\u201d This would back up statements from 2012 by NSA expert James Bamford.You may have reliably secure algorithms good for the long run, but vendors can\u2019t seem to get deployments right. This month we learned that cracking self-encrypting Western Digital hard drives is child\u2019s play. As with so many implementations before it, the company created a virtual door with an impossible-to-penetrate lock combination, then stored the combination under the doormat. If it isn\u2019t the crypto or crypto solution itself isn't broken, some other protocol can be used to roll back the fix.October hasn\u2019t been all bad news. Apple told the government that its device encryption doesn\u2019t have a backdoor and Google announced that its mobile encryption is turned on by default without a backdoor. On top of that, the Obama administration announced that the government wouldn\u2019t ask for a mandated backdoor in U.S. encryption products. Of course, with all the NSA compute power, maybe they don\u2019t need one.Your friendly SHA-2 reminderThe biggest news that directly impacts most crypto users is the continued weakening of the SHA-1 hash algorithm. Many software vendors have asked their customers over the last year to move from SHA-1 to SHA-2 for digital signatures as soon as possible. Many browsers and PKI products are mandating that move by Jan. 1, 2016 -- or Jan. 1, 2017 at latest -- for SSL\/TLS, code signing, and a handful of other certificate types.The latest SHA-1 weakening is called a freestart collision. It isn\u2019t a usable collision, but it\u2019s a step in that direction. These days most encryption breaks happen in a somewhat predictable cycle, from the first published theoretical weakness to full usable exploit, with each step representing new orders of magnitude along the way.Consider how SHA-1\u2019s predecessor, MD5, was broken. Released in 1991, the first theoretical flaw was found in 1996. Then, from 1996 to 2008, incremental, theoretical cracks further weakened MD5\u2019s protection. Finally, in 2008, researchers created a fake certificate, and in 2012, a fake cert was deployed in the wild using the Flame malware program.SHA-1 is in the \u201cfurther weakening\u201d stage. I\u2019m no crypto expert, but my best guess is a real-life break will arrive in the next five years. Will it be next year? I don\u2019t think so, but with cryptoanalysis on a hot streak and cloud computing power only getting cheaper, I wouldn\u2019t wait too long.Some vendors -- Mozilla, for example -- responded to the news by moving their SHA-1 deprecation treatment from Jan. 1, 2017 to Jan. 1, 2016. As security luminary Bruce Schneier says, \u201cDon\u2019t panic, but prepare for future panic.\u201dHere\u2019s your warning: Start now and prepare to move everything from SHA-1 to SHA-2. At the very least, take inventory of every item that relies on encryption and figuring out if it can be moved to SHA-2, if it hasn\u2019t already. This will consume the bulk of the time in the migration project. Then move, but keep your SHA-1 Certification Authority PKI server around if you\u2019re worried about what you\u2019ll break transitioning to SHA-2.However, don\u2019t rush so fast that you cause critical operational interruption. We\u2019re not in the period of a real-world, usable SHA-1 break yet. If you get started today, though, you\u2019ll have a better chance of completing that effort by the time it counts.