New Research Suggests That Governments May Fake SSL Certificates
Today two computer security researchers, Christopher Soghoian and Sid Stamm, released a draft of a forthcoming research paper in which they present evidence that certificate authorities (CAs) may be cooperating with government agencies to help them spy undetected on "secure" encrypted communications. (EFF sometimes advises Soghoian on responsible disclosure issues, including for this paper.) More details and reporting are available at Wired today. The draft paper includes marketing materials from Packet Forensics, an Arizona company, which suggests that government "users have the ability to import a copy of any legitimate keys they obtain (potentially by court order)" into Packet Forensics products in order to impersonate sites and trick users into "a false sense of security afforded by web, e-mail, or VoIP encryption". This would allow those governments to routinely bypass encryption without breaking it.
Many modern encryption systems, including the SSL/TLS system used for encrypted HTTPS web browsing, rely on a public-key infrastructure (PKI) in which some number of CAs are trusted to vouch for the identity of sites and services. The CA's role is crucial for detecting and preventing man-in-the-middle attacks where outsiders invisibly impersonate one of the parties to the communication in order to spy on encrypted messages. CAs make a lot of money, and their only job is to make accurate statements about which cryptographic keys are authentic; if they do this job incorrectly — willingly, under compulsion, by accident, or negligently — the security of encrypted communications falls apart, as man-in-the-middle attacks go undetected. These attacks are not technically difficult; surveillance companies like Packet Forensics sell tools to automate the process, while security researchers like Moxie Marlinspike have publicly released tools that do the same. All that's needed to make the attack seamless is a false certificate. Can one be obtained?
This risk has been the subject of much speculation, but Soghoian and Stamm's paper is the first time we've seen evidence suggesting that CAs can be induced to sign false certificates. The question of CAs' trustworthiness has been raised repeatedly in the past; researchers recently showed that some CAs continued to use obsolete cryptographic technology, signed certificates without verifying their content, and signed certificates that browsers parsed incorrectly, putting users at risk of undetectable attacks. What's new today, however, is the indication that some CAs may also knowingly falsify certificates in order to cooperate with government surveillance efforts.
Soghoian and Stamm also observe that browsers trust huge numbers of CAs — and all of those organizations are trusted completely, so that the validity of any entity they approve is accepted without question. Every organization on a browser's trusted list has the power to certify sites all around the world. Existing browsers do not consider whether a certificate was signed by a different CA than before; a laptop that has seen Gmail's site certified by a subsidiary of U.S.-based VeriSign thousands of times would raise no alarm if Gmail suddenly appeared to present a different key apparently certified by an authority in Poland, the United Arab Emirates, Turkey, or Brazil. Yet such a change would be an indication that the user's encrypted HTTP traffic was being intercepted.
Who are these CAs, and why do we trust them? Most are for-profit companies, though Microsoft Internet Explorer is willing to trust two dozen governments as CAs, from a list of around 100 entities. Soghoian and Stamm identify the governments Internet Explorer currently trusts as Austria, Brazil, Finland, France, Hong Kong, India, Japan, Korea, Latvia, Macao, Mexico, Portugal, Serbia, Slovenia, Spain, Switzerland, Taiwan, The Netherlands, Tunisia, Turkey, the United States and Uruguay. (Some countries have more than one government entity on the list; Internet Explorer also trusts subnational governments like that of the Autonomous Community of Valencia in Spain, and government-affiliated organizations like the PRC's China Internet Network Information Center.) Although there is no public evidence that this power has been abused or that government-run CAs are less trustworthy than private-sector CAs, each of these states has the power to facilitate attacks on encryption anywhere in the world — not just in its territory or Internet domain.
Certificate authorities get on browsers' trusted lists by making a public statement about how they operate and submitting to some sort of external audit. If they do their job properly, they make it easy for users to securely interact with web sites and services automatically, without having to somehow look up and manually verify encryption keys. Yet these organizations' position at the center of the web encryption infrastructure is largely unaccountable, since users will never know if a CA signs off on something untrue. But any CA could choose to do so. Given what we now know about the vulnerability of the trust infrastructure to both technological and legal interference, we urgently need a meaningful way to double-check the CAs. Soghoian and Stamm propose some mechanisms and offer a plug-in to give users browsers' more information about who is certifying sites and where the CAs are located, which could be of particular interest to those concerned about international espionage.
Concerned by this and other research on the vulnerabilities introduced by CAs, EFF has also been working on concepts to help Internet users make use of many more sources of information to supplement and double-check the CAs — and help detect when they certify things that are not true. We will be publishing a whitepaper to outline some of our proposals in the near future.