Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Vulnerabilities / Threats

09:23 AM

SSL Certificates May Offer False Sense Of Trust

Researcher points to fundamental problems in SSL and DNSSEC, and says it's time for users to take control of trust.

The web of trust created by secure socket layer (SSL) certificates has fundamental problems that carry over into the secure extensions of the domain name system, security researcher Moxie Marlinspike told attendees at the Defcon hacking convention in Las Vegas on Friday.

Because software that uses SSL encryption relies on companies whose authority to sign certificates cannot easily be revoked, the technology does not provide the agility to respond to events, such as the breach of certificate authority Comodo earlier this year, Marlinspike said. The security extensions to the domain name system (DNSSEC), which places certificates in the DNS record for added security, have greater problems because you cannot revoke the authority of the root provider, he argued.

"This system actually provides reduced trust agility," Marlinspike told attendees. "Today I can still choose to remove Verisign from the list of trusted certificate authorities in my browser, but there is nothing I can do to stop Verisign from managing the .com and .net lookups."

Marlinspike proposed a system of collective trust, dubbed Convergence, that solves these issues. Instead of certificate authorities, the system uses notary servers that check that the same certificate is returned for a domain lookup from disparate network and geographical locations, which eliminates the risk of a man-in-the-middle attack, he said.

The technology, which Marlinspike implemented as a Firefox plug-in, obeys two tenets of the researchers' idea of trust agility that SSL certificates do not: First, the decision to trust a particular organization should not be permanent. If the organization proves untrustworthy in the future, then a user should be able to revoke the organizations trust.

"There are plenty of organizations that I trust today to secure my transactions for me," Marlinspike said. "But what is insane [with SSL] is that I must identify an organization, or a set of organizations, that I'm willing to trust not just now, but forever."

The second part of trust agility is to empower the user to change his mind about trusting an organization in the future.

Read the rest of this article on Dark Reading.

The vendors, contractors, and other outside parties with which you do business can create a serious security risk. Here's how to keep this threat in check. Also in the new, all-digital issue of Dark Reading: Why focusing solely on your own company's security ignores the bigger picture. Download it now. (Free registration required.)

Comment  | 
Print  | 
More Insights
Newest First  |  Oldest First  |  Threaded View
User Rank: Apprentice
10/13/2011 | 1:40:30 AM
re: SSL Certificates May Offer False Sense Of Trust
Moxie's talk just wowed everyone this was amazing. Another great talk this year on breaking SSL at Blackhat was ioactive's security researcher Mike Ridpath's, which just to show you that this is a hot topic this year by the world's top security researchers. Moxie' talk showed based on trust agility and Ridpath's on pattern matching response times. It is obvious something needs to be done regarding SSL. I can only hope researchers move more into this direction instead of just breaking it, but providing multiple solutions that the IEEE can work with.
Data Leak Week: Billions of Sensitive Files Exposed Online
Kelly Jackson Higgins, Executive Editor at Dark Reading,  12/10/2019
Intel Issues Fix for 'Plundervolt' SGX Flaw
Kelly Jackson Higgins, Executive Editor at Dark Reading,  12/11/2019
Register for Dark Reading Newsletters
White Papers
Current Issue
The Year in Security: 2019
This Tech Digest provides a wrap up and overview of the year's top cybersecurity news stories. It was a year of new twists on old threats, with fears of another WannaCry-type worm and of a possible botnet army of Wi-Fi routers. But 2019 also underscored the risk of firmware and trusted security tools harboring dangerous holes that cybercriminals and nation-state hackers could readily abuse. Read more.
Flash Poll
Rethinking Enterprise Data Defense
Rethinking Enterprise Data Defense
Frustrated with recurring intrusions and breaches, cybersecurity professionals are questioning some of the industrys conventional wisdom. Heres a look at what theyre thinking about.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
PUBLISHED: 2019-12-14
There is an improper authentication vulnerability in Huawei smartphones (Y9, Honor 8X, Honor 9 Lite, Honor 9i, Y6 Pro). The applock does not perform a sufficient authentication in a rare condition. Successful exploit could allow the attacker to use the application locked by applock in an instant.
PUBLISHED: 2019-12-14
Some Huawei smart phones have a null pointer dereference vulnerability. An attacker crafts specific packets and sends to the affected product to exploit this vulnerability. Successful exploitation may cause the affected phone to be abnormal.
PUBLISHED: 2019-12-13
There is an information disclosure vulnerability in certain Huawei smartphones (Mate 10;Mate 10 Pro;Honor V10;Changxiang 7S;P-smart;Changxiang 8 Plus;Y9 2018;Honor 9 Lite;Honor 9i;Mate 9). The software does not properly handle certain information of applications locked by applock in a rare condition...
PUBLISHED: 2019-12-13
Huawei CloudUSM-EUA V600R006C10;V600R019C00 have an information leak vulnerability. Due to improper configuration, the attacker may cause information leak by successful exploitation.
PUBLISHED: 2019-12-13
Certain Huawei products (AP2000;IPS Module;NGFW Module;NIP6300;NIP6600;NIP6800;S5700;SVN5600;SVN5800;SVN5800-C;SeMG9811;Secospace AntiDDoS8000;Secospace USG6300;Secospace USG6500;Secospace USG6600;USG6000V;eSpace U1981) have an out-of-bounds read vulnerability. An attacker who logs in to the board m...