03:25 PM
Connect Directly

Time For A Better Web Of Trust?

Researcher points to fundamental problems in SSL and DNSSEC, and says it's time for users to take control of trust

DEFCON 19 -- Las Vegas -- The Web of trust created by secure socket layer (SSL) certificates has fundamental problems that carry over into the secure extensions of the domain name system, security researcher Moxie Marlinspike told attendees at the DefCon hacking convention on Friday.

Because software that uses SSL encryption relies on companies whose authority to sign certificates cannot easily be revoked, the technology does not provide the agility to respond to events, such as the breach of certificate authority Comodo earlier this year, Marlinspike said. The security extensions to the domain name system (DNSSEC), which places certificates in the DNS record for added security, have greater problems because you cannot revoke the authority of the root provider, he argued.

"This system actually provides reduced trust agility," Marlinspike told attendees. "Today I can still choose to remove Verisign from the list of trusted certificate authorities in my browser, but there is nothing I can do to stop Verisign from managing the .com and .net lookups."

Marlinspike proposed a system of collective trust, dubbed Convergence, that solves these issues. Instead of certificate authorities, the system uses notary servers that check that the same certificate is returned for a domain lookup from disparate network and geographical locations, which eliminates the risk of a man-in-the-middle attack, he said.

The technology, which Marlinspike implemented as a Firefox plug-in, obeys two tenets of the researchers' idea of trust agility that SSL certificates do not: First, the decision to trust a particular organization should not be permanent. If the organization proves untrustworthy in the future, then a user should be able to revoke the organizations trust.

"There are plenty of organizations that I trust today to secure my transactions for me," Marlinspike said. "But what is insane [with SSL] is that I must identify an organization, or a set of organizations, that I'm willing to trust not just now, but forever."

The second part of trust agility is to empower the user to change his mind about trusting an organization in the future. Currently, about 650 organizations can sign certificates -- including governments in China and Korea -- allowing them to potentially eavesdrop on secure transactions, according to the Electronic Frontier Foundation.

"In this increasingly globalized world, it doesn't seem really possible to make one trust decision for everybody," Marlinspike says. "There are different people with different contexts and different threats."

Currently, there are very few notaries that support the Convergence system. But anyone can establish one, and users can set their thresholds for the number of notaries to poll and how many notaries must agree to validate the identity of a Web site.

To date, there are two functional issues: Sites that sign different servers for the same domain name, such as banks, do not resolve correctly. In addition, neither do captive portals -- frequently used in pay-for-use WiFi networks.

Have a comment on this story? Please click "Discuss" below. If you'd like to contact Dark Reading's editors directly, send us a message.

Comment  | 
Print  | 
More Insights
Register for Dark Reading Newsletters
White Papers
Flash Poll
Current Issue
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
Published: 2014-07-10
Multiple cross-site scripting (XSS) vulnerabilities in group/control_panel/manage in Liferay Portal 6.1.2 CE GA3, 6.1.X EE, and 6.2.X EE allow remote attackers to inject arbitrary web script or HTML via the (1) _2_firstName, (2) _2_lastName, or (3) _2_middleName parameter.

Published: 2014-07-10
The File Transfer feature in WebEx Meetings Client in Cisco WebEx Meetings Server and WebEx Meeting Center does not verify that a requested file was an offered file, which allows remote attackers to read arbitrary files via a modified request, aka Bug IDs CSCup62442 and CSCup58463.

Published: 2014-07-10
Heap-based buffer overflow in the file-sharing feature in WebEx Meetings Client in Cisco WebEx Meetings Server and WebEx Meeting Center allows remote attackers to execute arbitrary code via crafted data, aka Bug IDs CSCup62463 and CSCup58467.

Published: 2014-07-10
Cross-site scripting (XSS) vulnerability in viewfilecontents.do in the Dialed Number Analyzer (DNA) component in Cisco Unified Communications Manager allows remote attackers to inject arbitrary web script or HTML via an unspecified parameter, aka Bug ID CSCup76308.

Published: 2014-07-10
The Multiple Analyzer in the Dialed Number Analyzer (DNA) component in Cisco Unified Communications Manager allows remote authenticated users to bypass intended upload restrictions via a crafted parameter, aka Bug ID CSCup76297.

Best of the Web
Dark Reading Radio
Archived Dark Reading Radio
Marilyn Cohodas and her guests look at the evolving nature of the relationship between CIO and CSO.