Internet Authentication's Wild Ride

BEAST exploit and CA hacks make for healthy debate about the future of Internet's authentication mechanisms
From the exposure of new vulnerabilities and exploits in SSL and TLS to the very public attacks against digital certificate authorities, the past several months have been a roller-coaster ride for the reputation of the Internet's most fundamental authentication engines. Security pundits' opinions vary on what this means for trusted communication on the Internet. Some experts believe the constant influx of bad news is a sign that the Internet's trust model is broken, while others say it's simply the by-product of the security maturation cycle that the Internet's infrastructure will constantly experience.

"Five years ago we were still trying to get people to use SSL, so the fact that people are complaining about it today is, in my opinion, really good news because it means people are using it," says Tim "TK" Keanini, CTO of nCircle. "The bad news is that any flawed SSL implementation presents enormous risk because SSL and TLS handle all kinds of secure data, from e-commerce to login credentials."

According to Mike Murray, managing partner for consultancy MAD Security, when you're dealing with something as fundamental to the Internet's security infrastructure as SSL, there are always going to be problems with vulnerabilities and exploits popping up on a cyclical basis. He likens it to the years when BIND and Sendmail were issues until something better came along.

"Until SSL is replaced, I think this is part of the natural cycle of having something that integral to the infrastructure open to attack," Murray says. "The sky isn't falling -- this is the same thing we've had with other pieces of critical infrastructure for a long time. It's painful now, but if it [weren't] SSL, it would be whatever else we were relying on that was that important."

Nevertheless, the problems can't be ignored. According to a report at Black Hat this year, only about one-fifth of all SSL websites actually redirect to SSL for authentication. And the most recent issues with SSL and TLS surfaced in the past several weeks with the release of Browser Exploit Against SSL/TLS (BEAST), a new exploit found by security researchers Juliano Rizzo and Thai Duong that can perpetrate man-in-the-middle attacks by decrypting parts of an encrypted data screen using JavaScript. The exploit might have been new, but it leans on a decade-old vulnerability.

"From a risk and vulnerability perspective, this vulnerability existed for about 10 years now. There has just never been a practical exploit," says Dan Sherman, director of information security for Telos. He believes that, pragmatically, the proof-of-concept BEAST is not too worrisome to day-to-day security practioners. "Is it possible? Sure," Sherman says. "Is it going to happen all over the place? I just don't see it happening that often."

Still, it was alarming enough to have Mozilla security experts discussing last week whether to disable Java within its Firefox browsers -- something that in and of itself could cause problems for enterprises.

"I don't really think they could really go forward and take Java applets out of the equation because even though it's not really used on the Internet anymore, I know a lot of companies that use them internally for their own internal sites and applications," Sherman says.

BEAST was just another niggling problem piled on top of the recent scandals against certificate authorities (CAs), such as Comodo and DigiNotar, the latter of which was driven to insolvency as a result of the fallout.

"The whole trust model appears to be broken. I think people in the early days kind of understood that when they were designing SSL that it was almost like a last-minute hack," says Keith O'Brien, adjunct professor of network security at NYU and a distinguished engineer for Cisco. "I think we just kind of took it and ran with it, and now we're realizing it's kind of run out of gas at this point."

O'Brien believes one of the big issues right now with Internet authentication is that the dependence on certificate takes away the user's ability to make decisions about who to choose to trust. Instead, that decision-making is thrust on browser developers or other centralized figures further up the stack.

"As a user I don't have any way to 'untrust' [a certificate or CA] without breaking a lot of other things," he says. "If I go to my Web browser and untrust Comodo, I could break a good portion of the Internet from that."

O'Brien is among many security experts who believe the answer is in crowdsourced trust as laid out by initiatives such as the Carnegie Mellon University Cylab Perspectives project and Moxie Marlinspike's Convergence system. These solutions depend on a list of "notaries" that a user could choose to use to authenticate a website rather than one centralized CA.

"You would have a whole bucketful of notaries, maybe 10 to 20 on your list. You would query those notaries, and those notaries would return in response back to you what they have in terms of certificates for that site," O'Brien says. "So if you're under a man-in-the-middle attack, obviously what you're reporting as your certificate and what all of the other ones are reporting would be different. The idea is that you would distribute that trust around, and as a user you'd be able to change your list to whatever you want it to be."

Have a comment on this story? Please click "Add Your Comment" below. If you'd like to contact Dark Reading's editors directly, send us a message.

Editors' Choice
Jeffrey Schwartz, Contributing Writer, Dark Reading
Jai Vijayan, Contributing Writer, Dark Reading