|
|
Subscribe / Log in / New account

The case of the fraudulent SSL certificates

By Jake Edge
March 23, 2011

Certificate authorities (CAs) exist to issue certificates that protect users' encrypted traffic when they use SSL/TLS (i.e. HTTPS) for web browsing—at least ostensibly—but the CA system has been a source of general unhappiness for quite some time. The discovery of fraudulent certificates in the wild can only lead to more calls for changes to the CA model, and for some, that model is irretrievably broken.

A Tor project blog posting by Jacob Appelbaum (aka ioerror) has the most detailed look at this particular incident. Basically, sometime around March 15, a CA (evidently UserTrust, which is part of Comodo) noticed that there were certificates signed by the CA, but not properly issued by that CA, floating around the internet. On March 15, the CA issued certificate revocations for nine different certificates.

Man in the middle

Part of the problem, though, is that certificate revocation doesn't really work, as browsers are generally not checking the revocation status of certificates. [Update: As pointed out in the comments, browsers do check the revocation status, but if that check fails, most do not give the user any indication of that.] In addition, many browsers do not keep track of the certificates that they have received and alert users when they change. So, a fraudulent, but correctly signed, certificate offered by a man-in-the-middle (MITM) attacker will be accepted by most browsers with no indication to the user of any problem.

MITM attacks have traditionally been considered difficult to pull off because they require control of some intermediate node in the path between the user and the web site. The pervasiveness of wireless networking has reduced that barrier considerably. Any access point, even one using encrypted communications (e.g. WPA), could be subverted—or intentionally configured—to perform MITM attacks. Public WiFi hotspots would be a perfect location for an attacker to set up a fraudulent certificate for, say, Paypal, and sniff the credentials of any user that connected to the service. Offering "Free Public WiFi" in crowded places like airports might be another route to setting up an MITM attack.

So far, only addons.mozilla.org (the site for Firefox extensions) has been identified as a victim site, one for which a fraudulent certificate has been issued. According to Appelbaum, there are seven uniquely named certificates floating around (one of which is issued to an invalid hostname: "global trustee"). He speculates that "Facebook, Skype, Google, Microsoft, Mozilla, and others are worthy of targeting". But Comodo has not released any information about which hostnames were targeted, at least yet. It was Mozilla who disclosed that addons.mozilla.org was a target.

As pointed out by LWN reader sumC, Microsoft has put out an advisory that lists the affected domains: login.live.com, mail.google.com, www.google.com, login.yahoo.com (3 certificates), login.skype.com, and addons.mozilla.org.

Alerted by browser code changes

Since browsers do not generally check the revocation status of certificates, some other mechanism must be used to reject these bad certificates. A change to the Chromium browser code on March 16 is how Appelbaum was first alerted to the problem. That change added a new X509Certificate::IsBlacklisted() function for Chromium, which listed the serial numbers for multiple certificates any of which would cause the function to return "true". Some twelve hours later, Google issued a Chrome update that "blacklists a small number of HTTPS certificates".

At around the same time, Mozilla also patched Firefox with a similar, but not exactly the same, list of serial numbers. This was clearly an indication that major browser vendors had been alerted to a problem. Appelbaum started digging further, looking at the published certificate revocation lists (CRLs) using his crlwatch program. Crlwatch used the EFF's SSL Observatory to find a canonical list of CRLs, then fetched them to look for a match to any of the serial numbers blacklisted by Chromium or Mozilla.

He found matches for all but the two test certificates that were listed, all pointing back to UserTrust. In addition, the Mozilla patch also points to UserTrust as the compromised CA. It means that somehow an attacker was able to get certificates issued by UserTrust for domain names that should not have been issued. That could happen if the signing key were compromised or UserTrust was somehow tricked into issuing those certificates. So far, there are no details as to how the fraudulent certificates were created.

Disclosure issues

As Appelbaum points out, it is clear that at least some browser makers were alerted to the problem, but certainly not all. Tor releases a "Tor Browser Bundle" and was not advised of the problem, so the project is left scrambling to update its browsers (though, one would guess Appelbaum's alertness in spotting the issue will have given the project a head start). Other, smaller browsers are likely affected by the problem as well, but are just now hearing about it.

Appelbaum agreed to an embargo on releasing information about the problem until the Firefox 4 release on March 22. That embargo was extended to March 23 to ensure that Microsoft could release an IE update, but Mozilla put out its posting on the issue on March 22, at which point Appelbaum considered the embargo lifted and posted his own information.

The embargo is very troubling since these certificates were evidently already out there potentially causing trouble for users; hiding their existence doesn't help users at all. Also worrisome is that both Google and Mozilla told Appelbaum that the CA "had done something quite remarkable by disclosing this compromise". It seems that other CAs may have fallen prey to the same kinds of attacks and not disclosed that fact. So it is possible that there are other known fraudulent certificates in the wild, presumably just listed on CRLs without any special browser blacklisting. An attacker holding one of those certificates must be cackling with glee.

Even for the certificates that UserTrust/Comodo alerted about, it took some time for browsers to be updated and will take even more time before users get and install those updates. Since we don't know how the certificate-issuing process was subverted, we have to hope that the CA is taking proper steps to either invalidate the signing key if it was compromised, or to change its process so things like this can't happen again. It would also be good if UserTrust itself disclosed exactly which domain names were affected, though we may already have that information via Microsoft's advisory.

Browser certificate handling

It's easy to see that there is a problem with certificate handling in browsers, but it is less clear what the proper solution is. Keeping track of the certificate that is sent when a domain is first encountered and comparing it on subsequent visits would be useful, but the browser makers are likely to be uncomfortable with how they present any changes to users. Certificates expire and are changed for other legitimate reasons, so it may be difficult for users to distinguish a legitimate certificate change from one that may be happening due to an MITM attack.

The browsers could also default to using the CRL or online certificate status protocol (OCSP) queries to ensure that the certificates are still valid. That requires that the CA be available to answer those queries every time a certificate is sent by a site, as any downtime will result in web sites becoming unavailable. Adam Langley offers the idea of short-lived certificates in his "Revocation doesn't work" blog posting that was linked above. There are other possible solutions as well, some of which Appelbaum mentions toward the end of his post.

The real problem, though, may be that the CA model doesn't work well on a (largely) decentralized network like the internet. The problems range from incidents like this one to worries about possibly rogue CAs. There are other ideas for handling certificates in a non-CA world (or one where CAs have much reduced authority), but there is a rather large stumbling block to changing the current system: the enormous economic interest that the CAs have in keeping things more or less as they are. CAs derive a huge amount of money from their semi-monopoly on the issuing of certificates, and one could expect that any threat to that income stream would be met with strong resistance. But cases like this one may start to make it clear that changes are required.


Index entries for this article
SecurityCertificate Authorities (CAs)
SecuritySecure Sockets Layer (SSL)/Certificates

to post comments

The case of the fraudulent SSL certificates

Posted Mar 24, 2011 1:49 UTC (Thu) by skissane (subscriber, #38675) [Link] (7 responses)

Why not use DNS?
Create some new type of DNS record, or just reuse TXT.
It can indicate what types of SSL certs are valid for this domain.
e.g. only certs with these serial number, only certs from this CA, etc.
Browser would check the DNS record for the site, to look for any
constraints on the SSL cert, and error out if they were violated.

Without DNSSEC, this doesn't add that much -- attacker just has to MITM
DNS as well -- although it does make their work a bit harder. But with
DNSSEC, this could be a solution to the problem.

The case of the fraudulent SSL certificates

Posted Mar 24, 2011 8:57 UTC (Thu) by Da_Blitz (guest, #50583) [Link] (5 responses)

there has been some discussion about putting the ssl certs in DNS itself however for this to be secure you really need DNSSEC widely deployed in advance

this doesn't eliminate fraudulent ssl certificates, just reduces the possibility of them occurring by reducing the amount of parties involved (eg someone asks the ".com" provider to delegate the domain to them and they just mirror your records with slight modifications)

there could also be issues with caching, i have seen more than one ISP modify dns headers and change the TTL value to 3+ days which caused havoc with site migrations. munging of the TTL field could cause time delays with revoking certs

the anti malware guys really don't like it when you delay for any reason.

i already use the SSHFP record to indicate which ssh keys are valid for a host and it works well but in conjunction with my standard known hosts file (in revision control to make it easy to move out to new hosts and keep track of things)

personally i think the dns records combined with other methods eg a local list of certs watching for changes and checking with a distributed table of sites => certs is the best option. however i would hate to see the conflict resolution code should one and not all of these comes back with an "invalid cert"

The case of the fraudulent SSL certificates

Posted Mar 24, 2011 21:58 UTC (Thu) by Simetrical (guest, #53439) [Link] (4 responses)

It doesn't eliminate fraudulent certificates, but it reduces a gazillion points of failure to one point of failure. Currently, compromising one CA allows you to forge any certificate you like -- and there are what, thousands of CAs? If we used DNSSEC instead, the only way to inject a forged certificate would be to compromise the DNS servers of the site itself, or the DNS servers of a higher-level domain. For a high-profile site, that reduces the attack surface to almost nothing. Instead of being able to forge google.com certificates by exploiting any CA on the planet, you suddenly have to exploit either .com TLD nameservers, or google.com nameservers . . . which is going to be close to impossible in either case.

A shorter-term and less complete solution would be to extend HTTP Strict Transport Security to say "ignore any certificates that aren't signed by this specific CA". That would also drastically reduce attack surface, and although in the long run it's probably inferior to DNSSEC, it would be much easier to deploy.

The case of the fraudulent SSL certificates

Posted Mar 25, 2011 8:48 UTC (Fri) by pbonzini (subscriber, #60935) [Link] (1 responses)

> Instead of being able to forge google.com certificates by exploiting any CA on the planet, you suddenly have to exploit either .com TLD nameservers, or google.com nameservers . . . which is going to be close to impossible in either case.

What about country TLDs? If a government wants to do a MITM attack, it can surely control the country-level nameserver.

The case of the fraudulent SSL certificates

Posted Mar 25, 2011 13:59 UTC (Fri) by foom (subscriber, #14868) [Link]

But at least then it's *only* that government for that TLD that can MITM the sites under their TLD, instead of the governments of every single country in the world...

The case of the fraudulent SSL certificates

Posted Mar 31, 2011 21:56 UTC (Thu) by job (guest, #670) [Link] (1 responses)

If you follow best practice compromise of a DNS server does not lead to compromise of DNSSEC for that zone, as the zones should be signed on a separate server. There should be no keys on the public DNS server.

The case of the fraudulent SSL certificates

Posted Mar 31, 2011 22:40 UTC (Thu) by Simetrical (guest, #53439) [Link]

Okay, granted. I should have said that you have to compromise Google's servers, not specifically its nameservers. The point is the same, that you have to target specific servers and don't get to pick the weakest out of a very large group, so your attack surface drops drastically. Of course, the signing servers aren't going to be Internet-accessible, so will probably be even harder to exploit than the nameservers. But exploiting the nameservers of a huge and well-run shop like Google would already be a pretty difficult feat for even a well-funded criminal hacker group (although maybe not for some governments).

The case of the fraudulent SSL certificates

Posted Mar 24, 2011 10:05 UTC (Thu) by job (guest, #670) [Link]

It's being actively discussed, but (much too) slowly.

See for example draft-schlyter-pkix-dns-02.

The case of the fraudulent SSL certificates

Posted Mar 24, 2011 2:52 UTC (Thu) by ribbo (subscriber, #2400) [Link] (1 responses)

I read somewhere that these certificates may have actually been used by a particular country. In the case of the using a CRL or OCSP there's then nothing to stop the MITM from either just redirecting them or blocking access to the service just as they are for the other component of the MITM.

The case of the fraudulent SSL certificates

Posted Mar 24, 2011 9:37 UTC (Thu) by Thue (guest, #14277) [Link]

It is obviously the responsibility of the browser to reject any certificates for which it can't reach the revocation list. Which only Chrome get's partially right: http://www.imperialviolet.org/2011/03/18/revocation.html

The case of the fraudulent SSL certificates

Posted Mar 24, 2011 10:13 UTC (Thu) by job (guest, #670) [Link]

Certificate revocation has been broken from the beginning. Not only do you need to worry about careless CAs, but stealing certs is way too easy given the security state of web applications. Other important parts of SSL is also broken, such as the ability to delegate and trust a particular cert only on your subdomains.

I wish we could just use DNSSEC for this, but things move very slowly. While I understand the concern that DNS is not identity, I strongly believe that is not the common use case. I am much more often concerned that the certificate I am presented with is legitimate for "lwn.net", than that it belongs to "Eklektix Inc."

The case of the fraudulent SSL certificates

Posted Mar 24, 2011 14:11 UTC (Thu) by jello (subscriber, #6083) [Link] (1 responses)

Comodo posted their report at http://www.comodo.com/Comodo-Fraud-Incident-2011-03-23.html

The case of the fraudulent SSL certificates

Posted Mar 25, 2011 1:11 UTC (Fri) by ras (subscriber, #33059) [Link]

Thanks for that. I was wondering how a fraudulent certificate could possibly be generated. I was initially surprised by this turn of events, but in hindsight it is obvious the PKI infrastructure would be attached and abused in this way.

An odd thought popped into my head. Israel: our hackers can infect a few computers and knock your nuclear plans off line. Iran: yeah, well ours can attack the PKI infrastructure so we can spy on what our unruly citizens are saying.

Security is become a serious business indeed.

Certificate Patrol

Posted Mar 24, 2011 15:53 UTC (Thu) by cesarb (subscriber, #6266) [Link] (1 responses)

I found on a slashdot comment a link to a Firefox extension which could help mitigate these kinds of incidents: Certificate Patrol (https://addons.mozilla.org/en-us/firefox/addon/certificat...).

Certificate Patrol

Posted Mar 25, 2011 7:19 UTC (Fri) by xanni (subscriber, #361) [Link]

See also the "Perspectives" plugin, which uses "network notaries" to monitor certs and will also warn you if certs change unexpectedly:

https://addons.mozilla.org/en-us/firefox/addon/perspectives/

The case of the fraudulent SSL certificates

Posted Mar 24, 2011 17:53 UTC (Thu) by giraffedata (guest, #1954) [Link] (1 responses)

How does a fraudulent certificate allow a man in the middle attack? Say I connect to a bad guy's wireless access point in an airport, then browse Paypal. How does the bad guy sniff my Paypal password?

I can see how the bad guy could connect me to his impostor Paypal site, but that's not man-in-the-middle.

The case of the fraudulent SSL certificates

Posted Mar 24, 2011 18:07 UTC (Thu) by nybble41 (subscriber, #55106) [Link]

You try to connect to PayPal. The bad guy intercepts your connection and forwards the traffic to/from the real PayPal site. This is essentially the definition of MITM.

Normally, SSL/TLS would prevent the MITM from observing the cleartext of the traffic, since (a) the MITM needs the proper private key to decrypt what you're sending, and (b) the client verifies that the public key used to encrypt outgoing traffic corresponds to the domain name. The bad guy can only observe the unencrypted traffic by substituting a different certificate, one which would not be approved by a registered CA for use with that domain, thus giving away the MITM attack.

The existence of a fraudulent certificate nullifies (b), since the client will see a certificate certified for the right domain name, but (presumably) the bad guy has the corresponding private key and can thus decrypt the traffic (and re-encrypt it with the right certificate before forwarding it to PayPal, or visa-versa).

The case of the fraudulent SSL certificates

Posted Mar 24, 2011 18:07 UTC (Thu) by gerv (guest, #3376) [Link] (1 responses)

It is untrue and inflammatory to say that "browsers are generally not checking the revocation status of certificates". There are no browsers which don't check. The issue here is the possibility that a user might not be able to reach the URLs at which revocation information is found.

"In addition, many browsers do not keep track of the certificates that they have received and alert users when they change." This is true, but the entire point of the certificate model is that this is not necessary. And if it were done, users would be bombarded with cert change errors, because certs change regularly. They would just learn to ignore them.

The two test certificates for which Jacob could find no match in the CRLs were issued to Google and Mozilla to test their blacklisting code.

Gerv

The case of the fraudulent SSL certificates

Posted Mar 24, 2011 18:32 UTC (Thu) by jake (editor, #205) [Link]

> It is untrue and inflammatory to say that "browsers are generally not
> checking the revocation status of certificates".

I don't know about "inflammatory", but it is certainly "untrue". That was my misunderstanding, and has now been corrected above.

jake

The case of the fraudulent SSL certificates

Posted Mar 25, 2011 18:31 UTC (Fri) by gerv (guest, #3376) [Link]

Mozilla has now posted a more detailed update here: http://blog.mozilla.com/security/2011/03/25/comodo-certif... .

Gerv


Copyright © 2011, Eklektix, Inc.
This article may be redistributed under the terms of the Creative Commons CC BY-SA 4.0 license
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds