SSL broken! Hackers create rogue CA certificate using MD5 collisions

    Posted: 31 Dec 2008
    December 30th, 2008

    Posted by Ryan Naraine @ 6:00 am

    Using computing power from a cluster of 200 PS3 game consoles and about $700 in test digital certificates, a group of hackers in the U.S. and Europe have found a way to target a known weakness in the MD5 algorithm to create a rogue Certification Authority (CA), a breakthrough that allows the forging of certificates that are fully trusted by all modern Web browsers. The research, which will be presented today by Alex Sotirov (top left) and Jacob Appelbaum (bottom left) at the 25C3 conference in Germany, effectively defeats the way modern Web browsers trust secure Web sites and provides a way for attackers to conduct phishing attacks that are virtually undetectable.

    The research is significant because there are at least six CAs currently using the weak MD5 cryptographic algorithm in digital signatures and certificates. The most commonly used Web browsers — including Microsoft’s Internet Explorer and Mozilla’s Firefox — whitelist these CAs, meaning that a fake Certificate Authority can display any site as secure (with the SSL padlock).
    “We basically broke SSL,” Sotirov said in an interview ahead of his 25C3 presentation.
    Our main result is that we are in possession of a “rogue” Certification Authority (CA) certificate. This certificate will be accepted as valid and trusted by many browsers, as it appears to be based on one of the “root CA certificates” present in the so called “trust list” of the browser. In turn, web site certificates issued by us and based on our rogue CA certificate will be validated and trusted as well. Browsers will display these web sites as “secure”, using common security indicators such as a closed padlock in the browser’s window frame, the web address starting with “https://” instead of “http://”, and displaying reassuring phrases such as “This certificate is OK” when the user clicks on security related menu items, buttons or links.
    Researchers at the Centrum Wiskunde & Informatica (CWI) in the Netherlands, EPFL in Switzerland, and Eindhoven University of Technology (TU/e) in the Netherlands helped in the design and implementation of the attack using an advanced implementation of a known MD5 collision construction and a cluster of more than 200 PlayStation 3 game consoles.


    More at SSL broken! Hackers create rogue CA certificate using MD5 collisions | Zero Day | ZDNet.com
    Posted By: johngalt
    31 Dec 2008



  1. Posts : 576
    Vista X32. Windows 7 32bit
       #1

    That's a cause for concern, isn't it? Had to happen I suppose.

    Norm


  2. Posts : 4,364
    Windows 11 21H2 Current build
    Thread Starter
       #2

    Major concern - our own dmex (aka Steven) has found that it goes a lot further than just website certificates - in fact, this affects *all* digital certificates that are based upon MD5 hashing, including Windows Authenticode stuff....


  3. Posts : 65
    Windows 7 7000; Windows XP Pro SP3
       #3

    That does seem scary. Though at the moment the information on creating this is not within reach of normal people? (aka evil leaked onto dark parts of interweb)?

    -baMBi-


  4. Posts : 576
    Vista X32. Windows 7 32bit
       #4

    johngalt said:
    Major concern - our own dmex (aka Steven) has found that it goes a lot further than just website certificates - in fact, this affects *all* digital certificates that are based upon MD5 hashing, including Windows Authenticode stuff....
    And is there anything we need to be doing? Keep us posted.

    Norm


  5. Posts : 4,364
    Windows 11 21H2 Current build
    Thread Starter
       #5

    bambi said:
    That does seem scary. Though at the moment the information on creating this is not within reach of normal people? (aka evil leaked onto dark parts of interweb)?

    -baMBi-
    It *is* within our reach because of the fact that Windows uses Authenticode to verify signatures of critical system files, and Steven's research shows that, for example, a couple of key files used by Nero Burning ROM are actually verified using expired certificates - meaning someone could come along and write a fake certificate for those files, and you would never know it - and then get all sorts of nasty stuff onto your computer because Windows would see the file as legitimate.

    NormCameron said:
    And is there anything we need to be doing? Keep us posted.

    Norm
    As soon as I hear from him it'll be posted.


  6. Joe
    Posts : 236
    Windows 7 RC
       #6

    Thanks for the post!


  7. Posts : 1,402
    Windows 7 Ultimate x64
       #7

    Thanks for this, very good post.

    We must be grateful that people like Steven are working on a fix.


  8. Posts : 1
    Vista x64
       #8

    Fix? Probably Not...


    echrada said:
    Thanks for this, very good post.

    We must be grateful that people like Steven are working on a fix.
    This probably won't be so much a Fix, as a forced change.

    Think MD5=WEP. When WEP was compromised, we didn't fix it, we changed to WPA/WPA2.

    Same sort of thing is likely here. There are still plenty of secure hashing algorithms, but the CAs will need to change from MD5 to one of those, and reissue certs. Keep in mind, most of the CAs stopped issuing MD5 X.509 certs a while back. Most are SHA-1 these days. (NB: SHA-1 has also shown collision vulnerabilities and will be compromised in the same way as MD5 sometime in the future. SHA-2 was created because of this. It's all an ongoing battle.)

    I'll leave the MS Authenticode issues for others to discuss, I assume there are more subtle problems involved with updating that.

    Futuristic


  9. Posts : 576
    Vista X32. Windows 7 32bit
       #9

    14% of SSL certificates unsafe

    Netcraft provided more details on a critical digital certificate vulnerability revealed last week. Although Microsoft downplayed the problem by stating that the successful exploit was not published, Netcraft found that 14% of SSL certificates use the vulnerable MD5 hashing algorithm. That number may provide a large enough target for attackers to invest time into cracking MD5, while certificate authorities will have a choice of using MD5 and hope that it will not be cracked or transitioning to a stronger encryption technology such as SHA-1.
    Read more at:-

    TG Daily - 14% of SSL certificates on the Internet potentially unsafe

    Norm