[cap-talk] Compelled Certificate Creation Attack on SSL

Jonathan S. Shapiro shap at eros-os.org
Fri Apr 23 11:29:10 PDT 2010

The problem with centralizing trust is that (a) it's only a matter of
time before any given source is compromised, and (b) when it is, the
loss multipliers get pretty big...


On Fri, Apr 23, 2010 at 8:53 AM, Sandro Magi <naasking at higherlogics.com> wrote:
> This will probably come as no surprise to most of you given past
> discussions of the SSL Certificate Authority (CA) model, but this new
> paper highlights quite clearly the trust problems inherent to CAs:
>  http://files.cloudprivacy.net/ssl-mitm.pdf
> It basically describes a "compelled certificate creation attack", where
> a government can compel a CA to issue a valid certificate that can be
> used for surveillance. Note, this means foreign governments could be
> spying on you too, not just your own government.
> He also describes appliances that are being sold explicitly for this
> purpose, implying that compelled certificates may already be in use.
> He also provides a Firefox plugin prevent this attack called Certlock,
> which basically caches the certificate hash and the CA's country on
> first load. If on subsequent page loads the hash and the country
> differs, an error is displayed.
> I had commented on an earlier draft and pointed him to the Petname tool,
> which is now mentioned in the section Related Work. The Petname tool and
> TrustBar both handle this attack and are both strictly more general than
> the approach presented in this paper.
> Sandro
> _______________________________________________
> cap-talk mailing list
> cap-talk at mail.eros-os.org
> http://www.eros-os.org/mailman/listinfo/cap-talk

More information about the cap-talk mailing list