From leichter@lrw.com Fri Jul 6 02:32:37 2018 From: Jerry Leichter To: cypherpunks-legacy@lists.cpunks.org Subject: Re: New Research Suggests That Governments May Fake SSL Certificates Date: Fri, 06 Jul 2018 02:32:37 +0000 Message-ID: <172289264205.3881296.9158002188489663748.generated@mail.pglaf.org> MIME-Version: 1.0 Content-Type: multipart/mixed; boundary="===============5520651390902595954==" --===============5520651390902595954== Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable On Mar 25, 2010, at 8:05 AM, Dave Kleiman wrote: >March 24th, 2010 New Research Suggests That Governments May Fake SSL =20 >Certificates >Technical Analysis by Seth Schoen=20 >http://www.eff.org/deeplinks/2010/03/researchers-reveal-likelihood-governmen= ts-fake-ssl > >""Today two computer security researchers, Christopher Soghoian and =20 >Sid Stamm, released a draft of a forthcoming research paper in which =20 >theypresent evidence that certificate authorities (CAs) may be =20 >cooperating with government agencies to help them spy undetected on =20 >"secure" encrypted communications.... While the paper provides a nice analysis and description of the =20 situation, what surprises me most about it is ... that anyone was =20 surprised. Hardware to support man-in-the-middle splicing of HTTPS =20 sessions has been available in the marketplace for several years. =20 They are sold by companies like Bluecoat who build appliances to =20 monitor incoming and outgoing traffic at the interconnection points =20 between corporate networks and the greater Internet. They're sold as =20 means to monitor and control what sites can be accessed (they block =20 things like gambling sites, pornography - whatever the corporation =20 doesn't want its employees browsing from work) and also inspect the =20 data for auditing/information leakage control purposes. In the corporate environment, where desktops/laptops are managed, the =20 way such a device is given the ability to do MitM attacks is =20 straightforward: The corporation simply pushes a new root CA - for a =20 CA that actually lives inside the intercept device - into the =20 browser's pool. The device can then generate and sign any certs it =20 needs to to wedge into any HTTPS session invisibly. Even when the =20 corporation allows personal machines onto the network, it will often =20 require users to accept a corporate CA for access to internal sites. =20 Of course, since browsers only have one pool of CA's, once you've =20 accepted that CA, you've accepted invisible MitM attacks by the =20 monitoring device. Since the techniques and hardware for doing this has been around for a =20 while, it should come as no surprise that someone would notice that =20 governments are another good market - in fact, one that tends to be =20 fairly price-insensitive. It's distressing how much government =20 intrusion technology is basically relabeled corporate security/=20 compliance technology. Governments may or may not be in a position to force CA's onto a =20 machine, so it would be natural for them to compel existing CA's, as =20 the paper rightly points out. -- Jerry --------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to majordomo(a)metzdowd.com ----- End forwarded message ----- --=20 Eugen* Leitl leitl http://leitl.org ______________________________________________________________ ICBM: 48.07100, 11.36820 http://www.ativel.com http://postbiota.org 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE --===============5520651390902595954==--