This summer’s attack on Dutch certificate authority DigiNotar has prompted browser makers to stop accepting the firm’s digital certificates and fueled a renewed interest in finding a replacement for the fragile Internet digital certificate infrastructure.
DigiNotar’s security practices and technologies were woefully inadequate, according to Dutch security firm Fox-IT, which conducted an audit of its systems. The certificate authority, which sells commercial secure socket layer (SSL) certificates and works with the Dutch government on its PKI implementation, received a hail of criticism when it announced Sept. 5 that a hacker had breached its systems and stole several SSL certificates.
The breach actually occurred July 19; DigiNotar thought it had quietly revoked all fraudulent certificates. But the compromise of the company’s CA servers came to light when security researchers discovered DigiNotar had issued a valid SSL wildcard certificate for Google to an Iranian-based entity. The rogue Google certificate is believed to have been used to monitor Gmail messages in that country. A wildcard certificate helps enable SSL encryption on multiple sub-domains using a single certificate.
“With the way this was handled and all the previous issues we’ve had with the certificate authority infrastructure, the implied trust of SSL is currently questionable if you haven’t fully patched,” says Paul Henry, security and forensic analyst at Scottsdale, Ariz.-based vulnerability management vendor Lumension Security.. “In light of the failures we’re seeing here, we can be looking at very serious issues, so we should absolutely be looking at alternatives to the system we currently have.”
Security experts say the compromise of DigiNotar and the similar attack on certificate authority Comodo. in March erode the trust inherent in digital certificates and tarnishes the CA system altogether. Chester Wisniewski, a senior security consultant with Sophos, says the problems should be top-of-mind at enterprises because many organizations use digital certificates to authenticate users for SSL VPNs, the company intranet and e-commerce systems. Organizations using Web applications, such as Salesforce.com and other services, also use digital certificates.
“SSL has multiple components to it and this is about the authenticity of validating [who] you are talking to on the Internet,” says Wisniewski. “Right now we’re forced into relying on this broken system, so any alternatives must be considered.”
One alternative validation method under development is the Perspectives Project, led by Dan Wendlandt and maintained by Carnegie Mellon University. Wendlandt says the problems with digital certificates have been well documented. For example, researchers in 2008 demonstrated a way to construct a rogue certificate authority and issue digital certificates.
“For a long time, weaknesses were considered theoretical and we were accused of fear mongering,” Wendlandt says. “With certificate authorities, if anyone gets these magic keys, they can spoof the server that a certificate is valid and that’s a scary thing.”
Under the Perspectives Project, public notary servers are used to validate SSL certificates. It bypasses certificate authority approval and instead the servers check for consistency of the certificates used by the network over time. The project enables users to pick what group of network notary servers they trust or users can accept the defaults in the Mozilla Firefox plugin.
At the DEFCON hacker conference in August, noted security researcher Moxie Marlinspike unveiled an alternative system called Convergence, which builds on the Perspectives Project. The notary system uses network probing from various locations to determine the validity of websites.
The power to change the current system, says Lumension’s Henry, is with the browser makers who need to build-in support for alternative methods. Convergence currently is in use as an extension for Mozilla Firefox users. Google, according to Wendlandt, is considering adding similar functionality in Chrome.
“We truly feel that this was fundamentally the wrong way to build a security system,” says Wendlandt of the current CA architecture. “Internet security is a very important and personal so building a better system that can be trusted and doesn’t impact privacy is where we need to go.”
Robert Westervelt is the news director of SearchSecurity.com. Send comments on this article to firstname.lastname@example.org