Cenzic 232 Patent
Paid Advertising
sla.ckers.org is
ha.ckers sla.cking
Sla.ckers.org
If you have some interesting news or want to throw up a link to discuss it, here's the place. Anything is okay, even shameless vendor launches (since that is often applicable to what we work on). 
Go to Topic: PreviousNext
Go to: Forum ListMessage ListNew TopicSearchLog In
SSL in trouble ?
Posted by: vortex
Date: January 01, 2009 08:24AM

Having seen the recent troubles with SSL

http://www.theregister.co.uk/2008/12/30/ssl_spoofing/
http://www.theregister.co.uk/2008/12/29/ca_mozzilla_cert_snaf/

I'm curious as to what the sla.ckers think on this.

I know that SSL provides security, to an extent, by encrypting the data stream, hence preventing (or at least severely limiting) MITM attacks, however given that individual machines at each end could be compromised, just how the heck are we supposed to secure our data streams now?

While RFC1149 A Standard for the Transmission of IP Datagrams on Avian Carriers http://www.faqs.org/rfcs/rfc1149.html would seem one possible solution, I fear that that in itself may be prone to a couple of minor problems ;)

Options: ReplyQuote
Re: SSL in trouble ?
Date: January 01, 2009 05:59PM

From what I understand correct me if I am wrong, the CAs need to resign the keys using a hash other than MD5. Which I assume means reissuing every key that was signed using MD5.

Options: ReplyQuote
Re: SSL in trouble ?
Posted by: thrill
Date: January 01, 2009 07:21PM

2 sayings:

1) If man built it, man will break it.
2) Security is a process, not an event.

Just ask Larry Ellison about his "Unbreakable" database software. :)

--thrill

---

It is not the degrees you hold, but the mind you possess. - thrill

Options: ReplyQuote
Re: SSL in trouble ?
Posted by: id
Date: January 01, 2009 08:20PM

Since it relies on specially crafted cert requests, and assuming (dangerously, but probably a practicality now) that no one has already exploited this for malicious ends, it can be fixed right now by all CAs stopping the use of MD5 immediately.

The alternative is to revoke all certs ever issued and start over. Ether way, we can never be 100% sure that SSL connections are really between who we think they are from now on. Of course, I'm sure that many government agencies have been MITMing connections for years by simply working with CAs, no fancy exploit needed.

-id

Options: ReplyQuote
Re: SSL in trouble ?
Posted by: ma1
Date: January 02, 2009 11:33AM

http://hackademix.net/2008/12/30/putting-ssl-in-perspectives/

--
*hackademix.net*

There's a browser safer than Firefox... Firefox, with NoScript

Options: ReplyQuote
Re: SSL in trouble ?
Posted by: thornmaker
Date: January 02, 2009 11:56AM

Quote

From what I understand correct me if I am wrong, the CAs need to resign the keys using a hash other than MD5. Which I assume means reissuing every key that was signed using MD5.

Certificates presently issued that have an MD5 sig do not need to be reissued. Even new certs that are issued with an MD5 sig don't need reissued.

The problem isn't with these certs, but rather that a CA could be tricked into signing a "specially crafted" cert request. This special cert looks completely normal to the CA (so there is no reason for them to not sign it), however it was constructed so that the MD5 sum on it would be the exact same md5sum for a related but malicious cert. The md5sum could be appended to the malicious cert making it valid and official. The primary change to the malicious cert is to have it set with CA authority meaning it in turn can be used to sign additional cert requests.

as long as md5 is still being used by trusted CA's, it is possible that some org will (or has already) follow the same steps to obtain a malicious cert with CA authority. The main difficulty in the attack is being able to come up with similar certs with a colliding md5 hash (where one of the two items to be signed cannot be fully controlled by the attacker). Computationally, yes it is very difficult, but as was shown, it's very possible.

The upside is that certs signed with md5 presently don't need to be reissued. the downside (a very significant downside) is that no SSL site can be trusted to the same degree as before, as there is a chance that such a rogue CA cert has been created and a derivative cert is being used in a Man-in-the-Middle attack. This could occur against *ANY* SSL site in the world, regardless of what hash is used to sign the cert.

ma1 has a nice write-up too - see his above post :)



Edited 1 time(s). Last edit at 01/02/2009 12:01PM by thornmaker.

Options: ReplyQuote
Re: SSL in trouble ?
Posted by: rvdh
Date: January 04, 2009 05:20PM

id Wrote:
-------------------------------------------------------
> Ether way, we can never be 100%
> sure that SSL connections are really between who
> we think they are from now on.

I think we never could, not only from now on. Not because of this sole intellectual issue, but because -I might have said this a million times- if you own one end of the line already, SSL is useless. Users are rather trojanized, which makes SSL again useless. Root the box it sits on, and SSL is useless. If the site which deploys SSL has XSS, SSL is useless. If SSL is deployed on a virtual host, and PHP is quirky configured, SSL is useless. Oh, and just good old password guessing: SSL is useless, and that doesn't require 200 PlayStations.

I have a hard time understanding why so much people put their trust into SSL while MITM is the least of your concerns, unless your on WIFI.

Options: ReplyQuote
Re: SSL in trouble ?
Posted by: id
Date: January 04, 2009 11:17PM

Though MITM shouldn't probably even be considered by 99% of the population at this point, it isn't the least of _my_ concerns, or quite a few people that are on this board.

1. Your points are not risks of some people:
My box isn't compromised
My bank's most likely isn't
They don't have XSS on their site
They don't use php

2. It's not all that theoretical:
My ISP's DNS server _has_ been compromised before and I have no expectation that it won't be again.

There are lots of organizations that can foot the bill for 200 PS3s, even small companies like mine can.

Who says the team that discovered the flaw hasn't been owned, or one of them extorted, or one of them is simply a criminal?

3. Why I care (though not enough to actually do anything about it)
Not really terrible odds for something bad to happen if steps aren't taken quickly.

Someone smart enough to pull it off is probably smart enough to take the slow road and not be caught quickly, or do a huge hit at once.

-id

Options: ReplyQuote
Re: SSL in trouble ?
Posted by: rvdh
Date: January 05, 2009 05:33AM

Well, if you want it you can get it. It's that simple right? Security only buys time, and slows down a fire. Considering banks, last year I walked by my own local bank, the biggest bank in our country. They are considered to be the best secured bank, they go all the way, 2 factor, SSL, they hire hackers every year, yadda yadda. So I walked inside, and gleamed over the helpdesk while asking something, and saw they were using wireless keyboards where the signal which as we know are "encrypted" with a 256 bit XOR. LOL.

You're absolutely right that we may never know the details about the SSL issue, and how it came to be. But if security is an economics issue, criminality is as well. Given enough resources anything can be broken, but that doesn't mean your unsafe on that particular moment.

Options: ReplyQuote
Re: SSL in trouble ?
Date: January 05, 2009 09:54PM

http://codefromthe70s.org/sslblacklist.aspx seems to work great so far in detecting if a site is trying to use an MD5 signed cert be it a rogue or legit one. Basically when using extension don't use any SSL site that is detected as using an MD5 cert. So far I've only come across 1 site in my bookmarks that use an MD5 cert which is facebook.com

Options: ReplyQuote
Re: SSL in trouble ?
Posted by: thornmaker
Date: January 05, 2009 10:55PM

I wonder for how long https://rapidssl.com/ will be using an md5 hashed cert

Options: ReplyQuote
Re: SSL in trouble ?
Posted by: Malkav
Date: January 08, 2009 05:42AM

probably until we start releasing in the wild fake CAs for every MD5 signed certificate :)

let's get our mexicans to work, people !

----------------------------------------------------------------------------------------------------------------

Those that can give up essential liberty to obtain a little temporary safety deserve neither liberty nor safety.
--Benjamin Franklin

Options: ReplyQuote
Re: SSL in trouble ?
Posted by: thrill
Date: January 13, 2009 03:27AM

I resemble that remark.

The name is Latin Americans damnit.

--thrill

---

It is not the degrees you hold, but the mind you possess. - thrill

Options: ReplyQuote


Sorry, only registered users may post in this forum.