25C3: MD5 collisions crack CA certificate
A security research team has used MD5 collision attacks to create a rogue Certificate Authority (CA) certificate. The certificate is trusted by all common web browsers and would allow its holder to impersonate any website on the internet, including HTTPS-secured banking and e-commerce sites. Any certificate signed using the rogue CA certificate would also be trusted, so the owners of such a certificate could impersonate a site simply by issuing themselves an appropriate certificate. The team's presentation at the 25th Chaos Communication Congress (25C3) was widely anticipated after a redacted entry appeared in the 25C3 schedule.
Using a weakness in the MD5 cryptographic hash function which allows different messages to produce the same MD5 hash, known as an MD5 "collision", the international team of Alexander Sotirov, Marc Stevens, Jacob Appelbaum, Arjen Lenstra, David Molnar, Dag Arne Osvik and Benne de Weger used one attack scenario to create a certificate that is trusted by all browsers, because it appears to be signed by one of the root CAs that browsers trust by default. The certificate can also be used to sign other certificates, which could allow attackers to carry out "practically undetectable phishing attacks".
The attack was performed using a cluster of 200 PlayStation 3s and was "funded by Swiss Taxpayers". For the purposes of the demonstration the rogue CA certificate was set to expire in 2004, but Jacob Appelbaum assured attendees that the expiry could be set to future dates.
The infrastructure of Certification Authorities is meant to prevent this kind of attack, but despite warnings some root CAs are still using MD5, leaving people potentially exposed to forged certificates. The team found the following CAs still using MD5: RapidSSL, FreeSSL, TC TrustCenter AG, RSA Data Security, Thawte and verisign.co.jp. They collected 30,000 certificates and found that 9,000 of them were signed with MD5; of those, 97 per cent were issued by RapidSSL. Because of this and other attributes of RapidSSL's procedures, such as the use of sequential serial numbers in issued certificates, the researchers examined RapidSSL's certificates in greater depth.
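The survey described above comes down to one question per certificate: which signature algorithm does its AlgorithmIdentifier name? The following Python is an added example, not code from the article or from the research team. It walks the DER structure of a certificate with a minimal TLV reader, extracts the signatureAlgorithm OID, flags the MD5 variant, and also reports when the OID inside tbsCertificate disagrees with the outer one (RFC 5280 requires them to match). The DER helpers, the `audit`/`survey`/`build_cert` names and the sample certificate skeletons are my own constructions for the demonstration; the OIDs are the standard PKCS#1 values.

```python
"""Flag X.509 certificates whose signature algorithm is MD5-based.

Added example, not code from the article or the research team. The DER
helpers and the sample certificate skeletons are constructed for this
demonstration; the OIDs are the standard PKCS#1 signature-algorithm OIDs.
"""
from typing import Dict, List, Optional, Tuple

SIG_OID_NAMES = {
    "1.2.840.113549.1.1.4": "md5WithRSAEncryption",
    "1.2.840.113549.1.1.5": "sha1WithRSAEncryption",
    "1.2.840.113549.1.1.11": "sha256WithRSAEncryption",
}
MD5_SIG_OIDS = {"1.2.840.113549.1.1.4"}


def der_len(n: int) -> bytes:
    """DER length octets: short form below 0x80, long form otherwise."""
    if n < 0x80:
        return bytes([n])
    body = n.to_bytes((n.bit_length() + 7) // 8, "big")
    return bytes([0x80 | len(body)]) + body


def tlv(tag: int, content: bytes) -> bytes:
    return bytes([tag]) + der_len(len(content)) + content


def encode_oid(dotted: str) -> bytes:
    """Encode a dotted OID as a DER OBJECT IDENTIFIER (tag 0x06)."""
    arcs = [int(a) for a in dotted.split(".")]
    out = bytearray([arcs[0] * 40 + arcs[1]])
    for arc in arcs[2:]:
        chunk = bytearray([arc & 0x7F])
        arc >>= 7
        while arc:  # base-128, high bit set on every byte but the last
            chunk.insert(0, 0x80 | (arc & 0x7F))
            arc >>= 7
        out += chunk
    return tlv(0x06, bytes(out))


def read_tlv(buf: bytes, pos: int) -> Tuple[int, bytes, int]:
    """Return (tag, content, position after the element); single-byte tags only."""
    tag, first = buf[pos], buf[pos + 1]
    pos += 2
    if first & 0x80:
        nbytes = first & 0x7F
        if nbytes == 0 or nbytes > 4:
            raise ValueError("unsupported DER length encoding")
        length = int.from_bytes(buf[pos:pos + nbytes], "big")
        pos += nbytes
    else:
        length = first
    end = pos + length
    if end > len(buf):
        raise ValueError("truncated DER element")
    return tag, buf[pos:end], end


def decode_oid(content: bytes) -> str:
    arcs, value = [content[0] // 40, content[0] % 40], 0
    for b in content[1:]:
        value = (value << 7) | (b & 0x7F)
        if not b & 0x80:
            arcs.append(value)
            value = 0
    return ".".join(str(a) for a in arcs)


def signature_oids(cert_der: bytes) -> Tuple[str, str]:
    """Return (tbsCertificate.signature OID, outer signatureAlgorithm OID)."""
    tag, cert, _ = read_tlv(cert_der, 0)
    if tag != 0x30:
        raise ValueError("certificate is not a SEQUENCE")
    # Certificate ::= SEQUENCE { tbsCertificate, signatureAlgorithm, signatureValue }
    _, tbs, pos = read_tlv(cert, 0)
    _, outer_alg, _ = read_tlv(cert, pos)
    outer_oid = decode_oid(read_tlv(outer_alg, 0)[1])
    # TBSCertificate ::= SEQUENCE { [0] version OPTIONAL, serialNumber, signature, ... }
    tag, _, pos = read_tlv(tbs, 0)
    if tag == 0xA0:  # explicit version present, so serialNumber comes next: skip it
        _, _, pos = read_tlv(tbs, pos)
    _, inner_alg, _ = read_tlv(tbs, pos)
    return decode_oid(read_tlv(inner_alg, 0)[1]), outer_oid


def audit(cert_der: bytes) -> Dict[str, object]:
    inner, outer = signature_oids(cert_der)
    return {
        "algorithm": SIG_OID_NAMES.get(outer, outer),
        "md5": outer in MD5_SIG_OIDS or inner in MD5_SIG_OIDS,
        "mismatch": inner != outer,  # RFC 5280 requires both fields to agree
    }


def survey(certs: List[bytes]) -> Tuple[int, int]:
    """Return (number of MD5-signed certificates, total) for a batch."""
    return sum(1 for c in certs if audit(c)["md5"]), len(certs)


def build_cert(sig_oid: str, inner_oid: Optional[str] = None) -> bytes:
    """Constructed certificate skeleton: enough structure for the audit, not a real cert."""
    alg = lambda oid: tlv(0x30, encode_oid(oid) + b"\x05\x00")  # AlgorithmIdentifier
    tbs = tlv(0x30, tlv(0xA0, tlv(0x02, b"\x02"))  # version v3
                    + tlv(0x02, b"\x01\x00\x01")  # serialNumber (constructed value)
                    + alg(inner_oid or sig_oid)  # signature
                    + tlv(0x30, b""))  # issuer (empty placeholder)
    return tlv(0x30, tbs + alg(sig_oid) + tlv(0x03, b"\x00" * 9))  # signatureValue


if __name__ == "__main__":
    batch = [build_cert("1.2.840.113549.1.1.4"), build_cert("1.2.840.113549.1.1.5"),
             build_cert("1.2.840.113549.1.1.11")]
    for c in batch:
        print(audit(c))
    print("MD5-signed: %d of %d" % survey(batch))
```

On a real collection the loop would feed `audit` the DER bytes of each certificate read from disk (a PEM file is base64 between the BEGIN/END lines); the parser deliberately stops at the signature field, so it also copes with certificates whose later fields it does not understand. Checking both algorithm fields matters because a certificate whose inner and outer identifiers disagree is malformed and should be rejected outright.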
By purchasing a certificate and then having it reissued a number of times, the researchers obtained data that allowed them to predict the serial number, so that the certificate data to be signed could be generated over the course of just a few days. The predicted serial number was then passed to the PlayStation 3 cluster, which computed both legitimate certificate data and bogus certificate data that, when hashed with MD5, would collide. When the time came for the predicted serial number to be used by the CA, the researchers purchased a new legitimate certificate, hoping to receive one with exactly the serial number they had predicted. It took four attempts to get the method to work and obtain a certificate with the predicted serial number, but once it did, the CA's signature on the issued certificate was also valid for the bogus colliding certificate, because of the MD5 collision.
To ensure that their demonstration certificate could not be used to create valid certificates for phishing attacks or other evil deeds, the team intentionally created an already expired CA certificate. They did find that it wasn't possible to revoke the certificate because of issues with how applications handle revocation. To prevent other parties from repeating the attack, the team will not be releasing the details of their collision engine or of the improvements they have made to the process since 2007; they have contacted the CAs still using MD5 and have been assured that they are moving to SHA1. EV Certificate Authorities are unaffected by the MD5 attack, as EV CAs have never used MD5 for signing certificates.
The vulnerability is not in the SSL protocol or in the implementations of SSL in web browsers and servers. According to the researchers, it lies in the Public Key Infrastructure, and other attack scenarios are possible involving code signing, email security and other areas that rely on certificates for digital signatures or public key encryption. The team's biggest fear was of the legal ramifications, such as being gagged by a certificate authority; while working with companies such as Microsoft and Mozilla, they protected themselves by getting the companies to sign non-disclosure agreements, to ensure they did not leak the information.
Although the Large Hadron Collider failed to collide anything in 2008, it appears the researchers, with their Small MD5 Collider have had much more success, though they do assure people that "The Internet is not completely broken".
- MD5 considered harmful today, the research paper
- Creating a rogue CA certificate, Alexander Sotirov abstract and links