Encryption test for iPhone

Recurity Labs has created a test page to demonstrate the flaw in Apple's iOS that was disclosed yesterday. Only users who are already running the current version, iOS 4.3.5, are immune to the problem.

If the test page at https://issl.recurity.com/ is displayed without warning, this means that iOS doesn't properly check the certificate chain, and that it fails to notice that the intermediate certificate was produced by someone who isn't permitted to generate such digital signatures. Correct SSL implementations will respond by issuing an untrusted certificate warning when a user tries to access the page.

Gregor Kopf, who discovered the hole, particularly warns of "wildcard" certificates. These certificates are intended for such names as *.h-online.com that are valid for all the hosts within a domain; for example mail.h-online.com or www.h-online.com. However, an attacker can potentially exploit this mechanism to issue a certificate for domains such as *.*, *.*.* etc., that would be valid for any server name. The only thing that is required to do this is a valid certificate for an arbitrary domain whose secret key is known to the attacker.

Bogus certificates can be used to listen to network traffic that is encrypted with the intention of preventing attackers from doing just that. To be successful, an attacker must become a "Man in the Middle" between the iOS device and the target server. This is particularly easy if the attacker is signed into the same network as the iOS device – for instance a public Wi-Fi network. Users who want to protect their devices must install iOS 4.3.5. No protection is currently available for iPhone 3G and jailbroken devices.

(djwm)