Governments May Fake SSL Certificates

Electronic Frontier FoundationToday two computer security researchers, Christopher Soghoian and Sid Stamm, released a draft of a forthcoming research paper in which they present evidence that certificate authorities (CAs) may be cooperating with government agencies to help them spy undetected on “secure” encrypted communications. (EFF sometimes advises Soghoian on responsible disclosure issues, including for this paper.) More details and reporting are available at Wired today. The draft paper includes marketing materials from Packet Forensics, an Arizona company, which suggests that government “users have the ability to import a copy of any legitimate keys they obtain (potentially by court order)” into Packet Forensics products in order to impersonate sites and trick users into “a false sense of security afforded by web, e-mail, or VoIP encryption”. This would allow those governments to routinely bypass encryption without breaking it.

Many modern encryption systems, including the SSL/TLS system used for encrypted HTTPS web browsing, rely on a public-key infrastructure (PKI) in which some number of CAs are trusted to vouch for the identity of sites and services. The CA’s role is crucial for detecting and preventing man-in-the-middle attacks where outsiders invisibly impersonate one of the parties to the communication in order to spy on encrypted messages. CAs make a lot of money, and their only job is to make accurate statements about which cryptographic keys are authentic; if they do this job incorrectly — willingly, under compulsion, by accident, or negligently — the security of encrypted communications falls apart, as man-in-the-middle attacks go undetected. These attacks are not technically difficult; surveillance companies like Packet Forensics sell tools to automate the process, while security researchers like Moxie Marlinspike have publicly released tools that do the same. All that’s needed to make the attack seamless is a false certificate. Can one be obtained?

This risk has been the subject of much speculation, but Soghoian and Stamm’s paper is the first time we’ve seen evidence suggesting that CAs can be induced to sign false certificates. The question of CAs’ trustworthiness has been raised repeatedly in the past; researchers recently showed that some CAs continued to use obsolete cryptographic technology, signed certificates without verifying their content, and signed certificates that browsers parsed incorrectly, putting users at risk of undetectable attacks. What’s new today, however, is the indication that some CAs may also knowingly falsify certificates in order to cooperate with government surveillance efforts. Continue reading.

Related Posts

How essential is anonymity to peer to peer relationality? How essential is anonymity to peer to peer relationality? I believe answering that question becomes easier if we look at the historical development...
How to Stop Distant Attacks on RFID Chips The limited power and processing ability of RFID chips makes them vulnerable to attackers operating at a distance. A new protocol could tackle this pr...
It’s not the Gates, it’s the bars To pay so much attention to Bill Gates' retirement is missing the point. What really matters is not Gates, nor Microsoft, but the unethical system of ...
Removing the RSA Security 1024 V3 Root There’s been confusion today about the work we’re doing on our root store, the set of trusted certificate authorities shipped with Mozilla products. T...
The Beginning of the End of Data Retention Last week, the German Constitutional Court issued a much-anticipated decision, striking down its data retention law as violating human rights. It was ...
The Role of Privacy by Design in Protecting Consumer Privacy 1) What is Privacy by Design? CDT has submitted comments to the Federal Trade Commission for the second in a series of public roundtable discussion...

We Recommend These Vendors

Launch an SSD VPS in Europe, USA, Asia & Australia on Vultr's KVM-based Cloud platform starting at $5:00/month (15 GB SSD, 768 MB of RAM).

Deploy an SSD Cloud server in 55 seconds on DigitalOcean. Built for developers and starting at $5:00/month (20 GB SSD, 512 MB of RAM).


Leave a Comment

Your email address will not be published. Required fields are marked *

*