On Mar 25, 2010, at 8:05 AM, Dave Kleiman wrote:
March 24th, 2010 New Research Suggests That Governments May Fake SSL
Certificates
Technical Analysis by Seth Schoen
http://www.eff.org/deeplinks/2010/03/researchers-reveal-likelihood-governments-fake-ssl
""Today two computer security researchers, Christopher Soghoian and
Sid Stamm, released a draft of a forthcoming research paper in which
theypresent evidence that certificate authorities (CAs) may be
cooperating with government agencies to help them spy undetected on
"secure" encrypted communications....
While the paper provides a nice analysis and description of the
situation, what surprises me most about it is ... that anyone was
surprised. Hardware to support man-in-the-middle splicing of HTTPS
sessions has been available in the marketplace for several years.
They are sold by companies like Bluecoat who build appliances to
monitor incoming and outgoing traffic at the interconnection points
between corporate networks and the greater Internet. They're sold as
means to monitor and control what sites can be accessed (they block
things like gambling sites, pornography - whatever the corporation
doesn't want its employees browsing from work) and also inspect the
data for auditing/information leakage control purposes.
In the corporate environment, where desktops/laptops are managed, the
way such a device is given the ability to do MitM attacks is
straightforward: The corporation simply pushes a new root CA - for a
CA that actually lives inside the intercept device - into the
browser's pool. The device can then generate and sign any certs it
needs to to wedge into any HTTPS session invisibly. Even when the
corporation allows personal machines onto the network, it will often
require users to accept a corporate CA for access to internal sites.
Of course, since browsers only have one pool of CA's, once you've
accepted that CA, you've accepted invisible MitM attacks by the
monitoring device.
Since the techniques and hardware for doing this has been around for a
while, it should come as no surprise that someone would notice that
governments are another good market - in fact, one that tends to be
fairly price-insensitive. It's distressing how much government
intrusion technology is basically relabeled corporate security/
compliance technology.
Governments may or may not be in a position to force CA's onto a
machine, so it would be natural for them to compel existing CA's, as
the paper rightly points out.
-- Jerry
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majord...@metzdowd.com