Hacked Certificate Authorities - Nothing Left to Trust

Monday, September 12, 2011

Rafal Los

0a8cae998f9c51e3b3c0ccbaddf521aa

Roll Camera...

An astonishing revelation today, from a person claiming to be a 21 year old Iranian... http://pastebin.com/85WV10EL.

When the very authority that helps your computer systems identify who to trust is compromised... who or what is there left to trust?  I don't mean to sound alarmist, but if even half the claims this black hat hacker are making are true - we have a severe Defcon 1 -style problem on our hands.

The Root Certificate Authorities (Root CAs) are supposed to be the most heavily guarded, top-secret entities out there on the Internet.  They provide the verification for SSL (Secure Sockets Layer) certificates, and validate that the holder of a certificate is valid and legitimate.  So what happens when someone can infiltrate one, or in this case allegedly several, root CAs and start issuing [false] certificates?

In the most simple scenario, that hacker can impersonate virtually any organization, or anyone.  Google.HackerControlledSite.com may very well be "Google", if your browser believes that it is.  Here's where the whole system breaks down... it's all a matter of trust.

A Matter of Simple Trust

Simplistically put, when your browser (or some piece of cryptographically-aware software) initiates a connection that is required to be secure (that means that little gold lock in your browser) it needs to verify that the party it's connecting to is who they say they are. 

So if you're trying to connect to Secure.SomeSite.com, your browser will first accept the SomeSite.com certificate that is presented and look at the signing Root CA.  This means that your browser must trust the CA (Certificate Authority) that has validated/issued (in other words, attested to) the validity of this third party identity.  What makes this whole matter painful is that there are a limited number of trusted Certificate Authorities out there... and this is by necessity. 

Keeping track of who is trustworthy has been a part-time hobby lately, and one maintained by each of the browser makers independently - but this hasn't been effective, and clearly needs a revamp... 

Right now, my installation (pretty stock) of Internet Explorer 9 has 58 certificates (see screen shot) that are trusted root certificate authorities.

IE_Root_CAs.jpg

Every browser updates these Root CAs differently, but for the most part an update is pushed out to invalidate a root CA - so this isn't a simple matter of just add/remove silently on the browser's part.

DigiNotar is the biggest story right now because the Dutch government runs on their certificates... all of the Dutch digital government.  You can read the incident response write-up here.

Consequences of Broken Trust

There are many different consequences of hacked CA ...

  • a malicious attacker can stealthily impersonate a legitimate organization by issuing a fake certificate (although totally valid as far as your browser is concerned) for the purpose of stealing credentials, setting up fake bank sites, etc...
  • a malicious attacker can impersonate a software update service (a la Microsoft Windows Update) via a slight-of-hand such as a DNS hijack plus certificate impersonation - this way Windows will take the update as if it was from Microsoft and happily install it.  This goes for any software that operates in this update model!
  • legitimate organizations who have had their organizational certificate issued from a hacked Root CA find themselves immediately (once the CA is invalidated globally) with an invalid SSL certificate, which causes added confusion, downtime, and other issues
  • code-signing trust is broken; meaning, a piece of software that comes to your workstation (via various means) can't be trusted even if it is signed by a supposed trusted authority

Worst-Case Scenarios

As in any situation, it's smart to be prepared for a worst-case scenario.  In this case, where the authority that validates security certificates can't be trusted, the worst-case scenario is pretty bleak. 

Should VeriSign or one of the true-root CAs become compromised like this... who will say what is trusted and trust worthy?  Who will be able to identify a real from a fake certificate, and subsequently a real vs. fake site, software, or signature?

One of the dangers of a completely connected, digital universe of information and technology is that at some base level, trust has to be rooted in something.  If that something becomes compromised, or even suspect... the whole web of trust and assurance falls apart - and we're left with handshakes and much more low-tech verifications of trust... and in this world we live in, that would be catastrophic. 

Given how difficult and painful it's been to revoke root or intermediate CA trust from high-profile browsers like Mozilla and Microsoft... I'm not sure we've planned for that kind of failure scenario... and that's what really worries me.

Quick Update

So, apparently some folks didn't quite believe the hacker when he claimed to have a google.com certificate faked... so he offers proof. http://pastebin.com/jhz20PqJ

Yes, this is worrisome and does extend beyond the people of the Netherlands.

Cross-posted from Following the White Rabbit

Possibly Related Articles:
13466
Webappsec->General
Information Security
Digital Certificates Trust hackers Comodo DigiNotar Certificate Authority
Post Rating I Like this!
The views expressed in this post are the opinions of the Infosec Island member that posted this content. Infosec Island is not responsible for the content or messaging of this post.

Unauthorized reproduction of this article (in part or in whole) is prohibited without the express written permission of Infosec Island and the Infosec Island member that posted this content--this includes using our RSS feed for any purpose other than personal use.