Internet’s Digital Certificate System Weakness Allows Trusted Web SSL To Be Faked
Researchers have uncovered a weakness in the internet’s digital certificate system that allows them to forge counterfeit credentials needed to impersonate virtually any website that relies on the widely used security measure. Using more than 200 PlayStation 3 game consoles, the researchers are able to create a secure sockets layer certificate for any website of their choosing. The forged certificate causes all the major browsers to display a message indicating the website the user is visiting is legitimate because it’s been vetted by a trusted certificate authority using supposedly robust cryptographic measures.
Such attacks could make it easier for phishers to impersonate the sites of banks and other sensitive online services. The findings were presented Tuesday at the 25th annual Chaos Communication Congress in Berlin by researchers from Centrum Wiskunde & Informatica (CWI) in the Netherlands, EPFL in Switzerland, Eindhoven University of Technology (TU/e) in the Netherlands and independent labs in California.
The attack is based on known weaknesses in the cryptographic hash function known as MD5. In 2004, researchers from China showed it was possible to generate the same MD5 fingerprint for two different messages using off-the-shelf computer hardware. Three years later, a separate group of researchers – many who participated in Tuesday’s presentation in Berlin – built off of those findings by showing how to have almost complete freedom in the choice of both messages.
The latest findings take the known MD5 weaknesses a step further by showing how so-called collisions allow for the creation of valid digital credentials used by certificate authorities, which are appointed organizations that validate the authenticity of websites used for banking and other sensitive online activities. Once the researchers have generated the rogue certificate authority certificate, they can create SSL certificates for any site that will be accepted by just about any web-connecting device.
The vulnerability in the web’s SSL system is made possible by a handful of certificate authorities who continue to rely solely on MD5 to sign certificates. Even though the number amounts to a tiny fraction of authorities, all web browsers continue to accept MD5 hashes. The researchers didn’t identify the certificate authorities by name.
The researchers began their proof-of-concept attack with more than 200 PlayStation 3 consoles running in a Linux cluster, which they used to generate millions of possible certificates. Once they found a pair that had a special collision in the MD5 hash, they requested a legitimate website certificate from one of the authorities that relies only on MD5 to generate signatures.
After copying the signature into a rogue certificate authority credential, they had the ability to generate widely accepted website certificates for any site of their choosing.
To prevent misuse of their certificate, they set it to expire in 2004, so only machines that are badly out of date can be tricked by their attack. Still, Appelbaum says, it should now be clear that MD5 is irretrievably broken and can no longer be trusted.
Credit: The Register
More on CyberInsecure:
Leave a Reply
Comments with unsolicited links to other resources will be marked as spam. DO NOT leave links in comments. Please leave your real email, it wont be published.