Privacy, or access restriction,
is all about trust. Trust in the one guarding the access mechanism. The doors
to heaven open but to the worthy, care of Saint Peter. A bank vault usually
does not open until at least two different people get involved, each with their
own key or code. The door to your home opens to yourself and perhaps one or two
others you've given a key.
It's the same in the digital world. Computers and websites are accessed over connections, and these connections are vulnerable to trust-based attacks. Someone can easily get between you and your front door, so to speak. So called 'man in the middle' attacks involve a game of digital charades where a bad guy, Charlie, can spy on the exchange between Bob and Alice. Charlie simply pretends to be Bob when speaking toAlice and pretends to be Alice
Now the common countermeasure is to encrypt the channel between Alice and Bob in such a way that a) Charlie has a tough time listening in and b) any attempt at impersonation is detected. This works by having a digital certificate, and some fancy non-invertible math. This approach is called the PKI system.
Basically, if I talk to you using the public key part of your digital certificate, only you understand what I'm saying. I would not get it myself if I heard it, post-encryption, but you do, because you can decode it with the private key part of your certificate. You can talk to me the same way, just look up my public key and encrypt your message with it. Only I will be able to reconstruct your original message. You're locking your message, and I have the only key.
Locks don't present much of a challenge to a locksmith. Digital locks like the PKI system I've just described have the same weakness, and this is where the trust comes in. Certificates are created by certificate authorities, and if you want to look up a public key, or verify that a sender is really the guy you think he is, you can check in with the authority. While surfing the web, your browser automatically takes care of this. The little lock symbol in your browser means that the connection is to the right entity and is secure.
This puts a lot of trust in the certificate authority. A certificate is only as safe as the authority is trusted. An evil or stupid CA could pass out your private key like candy, or lie to you about who you're connecting to, i.e. telling Alice she's listening to Bob when it's really our old pal Charlie, up to his tricks again.
The trustworthiness of authorities is the underlying issue of the recent discussion about certificates. Dutch CA Diginotar had the long arm of the Iranian secret service up where the sun doesn't shine, and was unaware of it. When they found out, they kept it mum while they were figuring out what to do. Bad idea. The only antidote to a compromised certificate or CA is to blacklist it immediately and install new, clean certificates. Anyone using the old ones is likely to have a Persian Charlie sitting in on his communications, and many did.
Diginotar is not just some two-bit CA. These guys have the keys to the Kingdom. Literally. Diginotar is one of the CA's who creates the certificates for the Dutch government, for major websites and services, and regrettably for a lot of Iranian dissidents too. They proved unworthy of this trust. The ramifications are huge. During the hack, a large number of certificates were created to compromise a wide array of websites and services. Browsers had to update their list of trusted CA's, the Dutch government stopped doing business with them (albeit late), and Diginotar's reputation is tarnished forever. There's no knowing how much supposedly secure information has leaked while Diginotar was silent about the hack.
It's the same in the digital world. Computers and websites are accessed over connections, and these connections are vulnerable to trust-based attacks. Someone can easily get between you and your front door, so to speak. So called 'man in the middle' attacks involve a game of digital charades where a bad guy, Charlie, can spy on the exchange between Bob and Alice. Charlie simply pretends to be Bob when speaking to
Now the common countermeasure is to encrypt the channel between Alice and Bob in such a way that a) Charlie has a tough time listening in and b) any attempt at impersonation is detected. This works by having a digital certificate, and some fancy non-invertible math. This approach is called the PKI system.
Basically, if I talk to you using the public key part of your digital certificate, only you understand what I'm saying. I would not get it myself if I heard it, post-encryption, but you do, because you can decode it with the private key part of your certificate. You can talk to me the same way, just look up my public key and encrypt your message with it. Only I will be able to reconstruct your original message. You're locking your message, and I have the only key.
Locks don't present much of a challenge to a locksmith. Digital locks like the PKI system I've just described have the same weakness, and this is where the trust comes in. Certificates are created by certificate authorities, and if you want to look up a public key, or verify that a sender is really the guy you think he is, you can check in with the authority. While surfing the web, your browser automatically takes care of this. The little lock symbol in your browser means that the connection is to the right entity and is secure.
This puts a lot of trust in the certificate authority. A certificate is only as safe as the authority is trusted. An evil or stupid CA could pass out your private key like candy, or lie to you about who you're connecting to, i.e. telling Alice she's listening to Bob when it's really our old pal Charlie, up to his tricks again.
The trustworthiness of authorities is the underlying issue of the recent discussion about certificates. Dutch CA Diginotar had the long arm of the Iranian secret service up where the sun doesn't shine, and was unaware of it. When they found out, they kept it mum while they were figuring out what to do. Bad idea. The only antidote to a compromised certificate or CA is to blacklist it immediately and install new, clean certificates. Anyone using the old ones is likely to have a Persian Charlie sitting in on his communications, and many did.
Diginotar is not just some two-bit CA. These guys have the keys to the Kingdom. Literally. Diginotar is one of the CA's who creates the certificates for the Dutch government, for major websites and services, and regrettably for a lot of Iranian dissidents too. They proved unworthy of this trust. The ramifications are huge. During the hack, a large number of certificates were created to compromise a wide array of websites and services. Browsers had to update their list of trusted CA's, the Dutch government stopped doing business with them (albeit late), and Diginotar's reputation is tarnished forever. There's no knowing how much supposedly secure information has leaked while Diginotar was silent about the hack.
One benefit is that the
security awareness of at least two countries was increased quite a bit. Now
let's hope the government hires a better company instead of regulating the
field some more. Trust is the coin of the cybersecurity realm, and it should be
spent sparingly and wisely.
-
The (devastating) FoxIT report on the hack can be found
here: http://www.rijksoverheid.nl/bestanden/documenten-en-publicaties/rapporten/2011/09/05/fox-it-operation-black-tulip/rapport-fox-it-operation-black-tulip-v1-0.pdf
N.B. At the moment the site is down, probably due to the huge demand. Mirror here: http://tweakimg.net/files/upload/Operation+Black+Tulip+v1.0.pdf
N.B. At the moment the site is down, probably due to the huge demand. Mirror here: http://tweakimg.net/files/upload/Operation+Black+Tulip+v1.0.pdf
OGD published a similar post in Dutch here:http://www.ogd.nl/blog/post/2011/09/leren-van-de-diginotar-inbraak/
As far as I know, it has not been confirmed that the Iranian government (i.e. Secret Service) is behind the hack althought there are signs it originated from there.
ReplyDeleteSecondly, it showed that _any_ CA are prime hack targets. In the long run, the CA system has to be replaced.
Very true, it's open season on CA's. Comodo and now Diginotar, who's next?. However, trust is not the issue with the CA system, it's the fundamental issue with access. Access rights always hinge on trust and identity, no matter the technical system to implement it.
ReplyDelete