Re: SSL security flaw with MD5 certificates announces today

Author	All Replies
TKJunkMail Enjoy the sun Premium join:2002-03-03 Avalon, NJ ·Sprint Mobile Broa.. ·Comcast 1 edit	reply to TKJunkMail Re: SSL security flaw with MD5 certificates announces today Here is a link that does a nice job of explaining how this vulnerability can be exploited: »www.freedom-to-tinker.com/blog/f···ificates An example of the MD5 & SHA1 hashes for google gmail: It is these fingerprints that would be forged.
	to forum · permalink · · 2008-12-30 11:39:44 ·
Steve I'm a PC, so shut up Consultant join:2001-03-10 Yorba Linda, CA	... and here's an excellent backgrounder on Crypto Hashing An Illustrated Guide to Cryptographic Hashes
	to forum · permalink · · 2008-12-30 12:07:28 ·
antiphishing Phishing Scam Terminator Premium join:2004-06-09 Wilkes Barre, PA	reply to TKJunkMail Researchers devise undetectable phishing attack Researchers devise undetectable phishing attack Researchers were able to hack Verisign's RapidSSL.com certificate authority and create fake digital certificates for any Web site on the Internet * By Robert McMillan, IDG News Service December 30, 2008 With the help of about 200 Sony Playstations, an international team of security researchers have devised a way to undermine the algorithms used to protect secure Web sites and launch a nearly undetectable phishing attack. To do this, they've exploited a bug in the digital certificates used by Web sites to prove that they are who they claim to be. By taking advantage of known flaws in the MD5 hashing algorithm used to create some of these certificates, the researchers were able to hack Verisign's RapidSSL.com certificate authority and create fake digital certificates for any Web site on the Internet. Hashes are used to create a "fingerprint" for a document, a number that is supposed to uniquely identify a given document and is easily calculated to verify that the document has not been modified in transit. The MD5 hashing algorithm, however, is flawed, making it possible to create two different documents that have the same hash value. This is how someone could create a certificate for a phishing site having the same fingerprint as the certificate for the genuine site. Using their farm of Playstation 3 machines, the researchers built a "rogue certificate authority" that could then issue bogus certificates that would be trusted by virtually any browser. The Playstation's Cell processor is popular with code breakers because it is particularly good at performing cryptographic functions. They plan to present their findings at the Chaos Communication Congress hacker conference, held in Berlin Tuesday, in a talk that has already been the subject of some speculation in the Internet security community. The research work was done by an international team that included independent researchers Jacob Appelbaum and Alexander Sotirov, as well as computer scientists from the Centrum Wiskunde & Informatica, the Ecole Polytechnique Federale de Lausanne, the Eindhoven University of Technology and the University of California, Berkeley. Although the researchers believe that a real-world attack using their techniques is unlikely, they say that their work shows that the MD5 hashing algorithm should no longer be used by the certificate authority companies that issue digital certificates. "It's a wake up call for anyone still using MD5," said David Molnar a Berkeley graduate student who worked on the project. In addition to Rapidssl.com, TC TrustCenter AG, RSA Data Security, Thawte and Verisign.co.jp all use MD5 to generate their certificates, the researchers say. Launching an attack is hard, because the bad guys must first trick a victim into visiting the malicious Web site that hosts the fake digital certificate. This could be done, however, by using what's called a man-in-the-middle attack. Last August, security researcher Dan Kaminsky showed how a major flaw in the Internet's Domain Name System could be used to launch man-in-the-middle attacks. With this latest research, it's now become easier to launch this type of attack against Web sites are secured using SSL (Secure Sockets Layer) encryption, which relies on trustworthy digital certificates. "You can use kaminsky's DNS bug, combined with this to get virtually undetectable phishing," Molnar said. Make Your Enterprise More Effective - read this white paper. "This isn't a pie-in-the-sky talk about what may happen or what someone might be able to do, this is a demonstration of what they actually did with the results to prove it," wrote HD Moore, director of security research at BreakingPoint Systems, in a blog posting on the talk. Cryptographers have been gradually chipping away at the security of MD5 since 2004, when a team lead by Shandong University's Wang Xiaoyun demonstrated flaws in the algorithm. Given the state of research into MD5, certificate authorities should have upgraded to more secure algorithms such as SHA-1 (Secure Hash Algorithm-1) "years ago," said Bruce Schneier, a noted cryptography expert and the chief security technology officer with BT. RapidSSL.com will stop issuing MD5 certificates by the end of January and is looking at how to encourage its customers to move to new digital certificates after that, said Tim Callan, vice president of product marketing with Verisign. But first, the company wants to get a good look at this latest research. Molnar and his team had communicated their findings to Verisign indirectly, via Microsoft, but they have not spoken directly with Verisign, out of fear that the company might take legal action to quash their talk. In the past, companies have sometimes obtained court orders to prevent researchers from talking at hacking conferences. Are you ready for event-driven business? - watch this webcast. Callan said that he wished that Verisign had been given more information. "I can't express how disappointed I am that bloggers and journalists are being briefed on this but we're not, considering that we're the people who have to actually respond." While Schneier said he was impressed by the math behind this latest research, he said that there are already far more important security problems on the Internet -- weaknesses that expose large databases of sensitive information, for example. "It doesn't matter if you get a fake MD5 certificate, because you never check your certs anyway," he said. "There are dozens of ways to fake that and this is yet another." -- Specializing in "takes downs" of phishing and advance fee scams Send your Phishing/Advance fee scams to: phish@antihotmail.com »/profile/1021645 »fraudwatchers.org/forums/
	to forum · permalink · · 2008-12-30 15:01:43 ·
EGeezer Go Bobcats Premium join:2002-08-04 Country! ·Callcentric ·RoadRunner Cable ·AT&T CallVantage	Another opportunity for Cain & Abel and Rock Phish Although the researchers believe that a real-world attack using their techniques is unlikely, ... Launching an attack is hard, because the bad guys must first trick a victim into visiting the malicious Web site that hosts the fake digital certificate. This could be done, however, by using what's called a man-in-the-middle attack. ... "You can use kaminsky's DNS bug, combined with this to get virtually undetectable phishing," Molnar said. ... I'd also guess that it's very feasible for a miscreant to enter a wireless hotspot with a laptop and use ARP cache poisoning to redirect and serve other users hacked certificates to fake sites created with Rock Phish kits. Before, with Cain & Abel, the cert would have been flagged as "unknown issuer". Now, a perfectly legit looking cert can be handed to the client system. This certificate vulnerability will also present opportunities for folks setting up rogue hotspots. -- The greatest dangers to liberty lurk in insidious encroachment by men of zeal, well-meaning but without understanding. -- Justice Louis D. Brandeis
	to forum · permalink · · 2008-12-30 15:30:21 ·
Kiwi Premium join:2003-05-26 USA ·Comcast ·Aristotle Internet	reply to Steve Re: SSL security flaw with MD5 certificates announces today That's a pretty good explanation for those wishing to learn a thing or two and in spite of the MD5 from hell scare going on; anybody with an interest can easily tell this is getting blown into a mountain. MD5 and hash checks have been around for years and so have the holes, nothing new here. First line of defence is not an MD5 correlation, particularly in the business world; it's just another layer.
	to forum · permalink · · 2008-12-30 20:32:31 ·


Friday, 27-Nov 16:17:21	Terms of Use \| Privacy Policy \| Hosting by www.nac.net - DSL,Hosting & Co-lo \| feedback \| contact over 10 years online! © 1999-2009 dslreports.com. page compression OFF