The small image of a padlock in the corner of your browser may not accurately indicate that a Web-site connection is secure  , according to new research. A team of U.S. and European researchers used a computing grid of more than 200 Sony PlayStation 3 video-game machines to create fake certificates and fool a browser into thinking it had a secure connection with a trusted site.
A EU Collision Attack
Researchers from California, teams from the Centrum Wiskunde & Informatica (CWI) and Eindhoven University of Technology in the Netherlands, and teams from the Ecole Polytechnique Federal de Lausanne (EPFL) in Switzerland presented a paper Tuesday at the 25C3 security congress in Berlin. They showed that they were able to generate two messages with one digital signature, similar to the process of an older digital-certificate system, using an algorithm called MD5.
A user who visits a Web site whose URL begins with https usually sees a locked padlock in a browser corner, indicating that the site employs a digital certificate issued by one of several trusted certificate authorities. The browser verifies the certificate, using one of several algorithms, including, for some sites, MD5.
The MD5 digital-certificate system is still in use by many sites, and could enable third parties to create fake certificates and fool a browser into thinking it was visiting a secure site. A more modern and secure digital-certificate system is used by many sites.
The vulnerability was first identified four years ago by Chinese researchers, who had created a collision attack by generating two different messages with the same digital signature. But the amount of computing power needed to generate a fake certificate was considered a huge obstacle to anyone attempting to take advantage. By one estimation at the time, a desktop computer would need more than 30 years to generate such a fake certificate.
But the paper presented in Berlin demonstrated that the researchers, using PS3s in a cluster, were able to generate two fake certificates with the same digital signature in only three days.
Ending the Use of MD5
Security experts had mixed responses. Bruce Schneier, chief security technology officer for British Telecom, told The New York Times that most people don't rely on digital certificates. When was the last time you checked your browser certificates to make sure they're good, he asked.
But other security researchers have suggested that the research could have an enormous impact, affecting virtually every browser as well as e-mail, chat servers, and online collaboration . Although only some sites use the older digital certificates, all browsers will accept them.
Using this weakness, for instance, it would be possible to set up virtually undetectable phishing sites that a browser identifies as trusted and secure.
Arjen Lensa, head of EPFL's Laboratory for Cryptologic Algorithms, said the major browser makers, such as Mozilla and Microsoft , have been informed of the vulnerability.
The immediate goal of the research is to end the use of the MD5 algorithm, which is still being used by some certificate authorities. CWI cryptanalyst Marc Stevens said it's imperative to migrate to more robust alternatives such as SHA-2 and the upcoming SHA-3 standard.
|
