New Research Suggests That Governments May Fake SSL Certificates

Jerry Leichter leichter at lrw.com
Thu Mar 25 18:42:36 PDT 2010 

On Mar 25, 2010, at 8:05 AM, Dave Kleiman wrote:
>March 24th, 2010 New Research Suggests That Governments May Fake SSL  
>Certificates
>Technical Analysis by Seth Schoen 
>http://www.eff.org/deeplinks/2010/03/researchers-reveal-likelihood-governments-fake-ssl
>
>""Today two computer security researchers, Christopher Soghoian and  
>Sid Stamm, released a draft of a forthcoming research paper in which  
>theypresent evidence that certificate authorities (CAs) may be  
>cooperating with government agencies to help them spy undetected on  
>"secure" encrypted communications....
While the paper provides a nice analysis and description of the  
situation, what surprises me most about it is ... that anyone was  
surprised.  Hardware to support man-in-the-middle splicing of HTTPS  
sessions has been available in the marketplace for several years.   
They are sold by companies like Bluecoat who build appliances to  
monitor incoming and outgoing traffic at the interconnection points  
between corporate networks and the greater Internet.  They're sold as  
means to monitor and control what sites can be accessed (they block  
things like gambling sites, pornography - whatever the corporation  
doesn't want its employees browsing from work) and also inspect the  
data for auditing/information leakage control purposes.

In the corporate environment, where desktops/laptops are managed, the  
way such a device is given the ability to do MitM attacks is  
straightforward:  The corporation simply pushes a new root CA - for a  
CA that actually lives inside the intercept device - into the  
browser's pool.  The device can then generate and sign any certs it  
needs to to wedge into any HTTPS session invisibly.  Even when the  
corporation allows personal machines onto the network, it will often  
require users to accept a corporate CA for access to internal sites.   
Of course, since browsers only have one pool of CA's, once you've  
accepted that CA, you've accepted invisible MitM attacks by the  
monitoring device.

Since the techniques and hardware for doing this has been around for a  
while, it should come as no surprise that someone would notice that  
governments are another good market - in fact, one that tends to be  
fairly price-insensitive.  It's distressing how much government  
intrusion technology is basically relabeled corporate security/ 
compliance technology.

Governments may or may not be in a position to force CA's onto a  
machine, so it would be natural for them to compel existing CA's, as  
the paper rightly points out.
                                                        -- Jerry

---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com

----- End forwarded message -----
-- 
Eugen* Leitl <a href="http://leitl.org">leitl</a> http://leitl.org
______________________________________________________________
ICBM: 48.07100, 11.36820 http://www.ativel.com http://postbiota.org
8B29F6BE: 099D 78BA 2FD3 B014 B08A  7779 75B0 2443 8B29 F6BE

More information about the cypherpunks-legacy mailing list