The SSL Security Model Is Falling Apart At The Seams
Insider Reports RSS Feed
Can anyone with the right resources hijack your connection? If so then what good is SSL?
It was only less than a year ago when Dan Kaminsky and Moxie Marlinspike wired.com showed just how easy it is to trick a Certificate Authority (CA) and a web browser into faking an SSL certificate by simply dropping a null character into the name to be registered. Simply placing a null character after the name of the site to fake as a sub-domain of the site before the real domain name would accomplish this. An example would be amazon.com\0.evildude.com. Even worse is the fact that ANYONE could just register what is called a wildcard domain, ex. *\0.evildude.com, and masquerade as any site on the Internet they pleased.
After that CA's cleaned up their act by stopping the issuance of such certificates but previously issued certs would continue to work until new versions of web browsers were released that would check for such flaws. Today we should all be safe from such attacks using modern web browsers, Firefox 3.5+ is not vulnerable to this type of attack, but the researchers example should make it quite clear that such a gaping hole in SSL security could happen again.
As if I could not rain down on the SSL parade any more, recently, a paper was released by Christopher Soghoian paranoia.dubfire.net detailing how governments, law enforcement, and potentially malicious entities can easily hijack SSL connections through coercion or even policy. As many governments have been given their own CA's so that they may control their own encryption needs they can just issue themselves a certificate for a real site and pretend to be that site. Then if a device existed to load that certificate onto that could be located between the victim to be spied on and the real site, then there's nothing stopping them from eavesdropping.
Such a device does exist. In fact, the only currently known commercial entity that produces them, called Packet Forensics, attempted to deny their existence for some time. For this to be true, it must mean two things. One, that through some means, coercion, theft, or otherwise, CA's are allowing such certificates to be collected and used on these devices. And two, that there must be a market for these type of devices. There may be other companies producing these devices as well that are just unknown to the general public.
So, there you have it, if you were paranoid about government spying before, then this should help push you over the edge. I'm not just talking about governments though, corporations, employers, family, ANYONE who can get their hands on such a device, or build one for that matter, and can buy, coerce, or steal the certificates needed to spy on their targets can do just that! On the other hand, I can hear the sound of new private eye shops opening up, based on this technology. Go-Go-Gadget SSL Circumvention!
"I still lock my doors even though I know how to pick the lock" - Matt Blaze, http://crypto.com/
-quoted from http://www.wired.com/threatlevel/2010/03/packet-forensics/
View All Articles by Alex Trent