At the 25th Annual Chaos Communications Congress, a team of 7 researchers from the United States, Switzerland and the Netherlands, revealed a significant vulnerability in the Public Key Infrastructure (PKI) and demonstrated a serious exploit based on it. What this means is that your well-guarded systems are wide open to a new form of attack. That is not the kind of news you want to hear at this time of year.
But fortunately, it is only half the story. The other half of the story is much more encouraging and empowering. CyLab already has developed a system that is able to thwart such an attack. Perspectives, and the way in which it addresses this new exploit, offers an excellent example of CyLab’s commitment to “harness the future to secure the present.”
First, more details on the new vulnerability and the exploit: Alexander Solitov and several other researchers have succeeded in creating a bogus Certification Authority (CA) certificate by exploiting an MD5 hash collision, which allows them to create arbitrary Man in the Middle (MitM) attacks on SSL/TLS. (For more information on this attack, visit the researchers' website.) Using this method, an attacker on the network path between the client and server can effectively eavesdrop and alter "encrypted and authenticated" SSL/TLS communication. In other words, an attacker could read your username and password when logging in to your on-line banking account. To get onto the path is quite simple through DNS-based redirection, malicious access points, as well as exploitation of public wireless environments.
Of course, several other vulnerabilities exist in SSL/TLS, e.g., MitM attacks can also be enabled by the leaking of a CA's private key, or a malicious CA root key injected into the browser or installed by users through instructions received through spam email. PhD student Dan Wendlandt along with his advisors Dave Andersen and Adrian Perrig from Carnegie Mellon CyLab have already developed and released Perspectives, a system to help users protect themselves against such attacks; but Perspectives can also address the new exploit by Solitov et al.
Available as a Firefox plug-in, Perspectives has an estimated 30,000 users. When the browser opens an HTTPS connection (and thus establishes an SSL/TLS connection with the web server), Perspectives contacts several globally distributed notary servers, which keep a history of servers' SSL/TLS public keys. If the key history from the network notaries does not match the received server key, Perspectives warns the user about a possible attack.
To allow Perspectives to detect the rogue certificate attack, you must instruct it to contact Notaries for all HTTPS sites (not only for self-signed certificates, which is the default setting), even if your browser considers the certificate valid.
Select Tools->Add-ons->Perspectives and then click on the "Preferences" tab and select the option "Contact Notaries for all HTTPS sites" to enable such verification.
The Firefox plug-in works for Windows, Mac and Linux, and can be downloaded and installed from http://www.cs.cmu.edu/~perspectives/firefox.html#install.
The project web site is at http://www.cs.cmu.edu/~perspectives/.
Technical details are available from our paper available at http://sparrow.ece.cmu.edu/group/pub/wendlandt-andersen-perrig-usenixatc08.pdf.
Additional information about the attack and Perspectives is available at http://www.cs.cmu.edu/~perspectives/md5.html.
See all CyLab News articles