Two more certificate authorities have recently uncovered breaches in
their networks and suspended issuing new digital certificates,
prompting new concerns about trusting the CA system and the danger of
relying on a system riddled with so many problems.
The largest CA in the Netherlands, KPN/Getronics, suspended its certificates business
after discovering a distributed denial-of-service tool on one of its
Web servers, the company said in a statement Nov. 4. The tool may have
been on the server for at least four years. The Web servers have been
replaced.
"Although there is no evidence that the production of the certificate
is compromised, it cannot be completely excluded that this did happen,"
KPN/Getronics said in a statement, as translated by Google.
The breach was discovered as part of a "deeper" investigation in KPN's
network and processes, spurred by recent attacks against certificate
authorities around the world, according to the statement.
"As companies are ramping up internal security, I fully expect to see
more 'old breaches' like this one uncovered," Roel Schouwenberg, a
senior antivirus researcher at Kaspersky Lab, wrote on the Securelist blog. He also wondered how a DDoS tool could have gone undetected for four years.
The Electronic Frontier Foundation's SSL Observatory found in a recent
analysis that at least four separate CAs have been compromised in the
past four months. The EFF looked at certificate revocation lists for
SSL certificates as self-reported by the CAs. In June, 10 individual
CAs reported revoking a total of 55 certificates because of a
compromise. In mid-October, 14 separate CAs had revoked 248
certificates because of a compromise, EFF found.
"From this data, we can observe that at least four CAs have experienced
or discovered compromise incidents in the past four months. Again, each
of these incidents could have broken the security of any HTTPS
Website," Peter Eckersley, the EFF's technology project director, wrote
in an analysis of the data.
The only major CA compromise that was disclosed since June was the
attack on Dutch certificate authority DigiNotar. The CA admitted in September to
a June breach where more than 500 fraudulent certificates had been
issued to high-profile sites, such as google.com and the Website for
the Central Intelligence Agency. The attacker who claimed credit for
the attack had said he had compromised several other CAs but declined
to name them. Mozilla issued requests to all major CAs to review their
systems and policies to verify they were secure, or risk getting
blocked from Firefox.
The KPN breach affects many users because a large number of DigiNotar's
customers moved to KPN after DigiNotar disclosed the fraudulent
certificates and all major Web browsers revoked its root certificate.
DigiNotar filed for bankruptcy last month.
The KPN announcement came a few days after Entrust revoked 22 digital
certificates issued by Digicert, its Malaysia-based reseller. Digicert
had issued 22 certificates with weak 512-bit keys that were also missing
certificate extensions and revocation information.
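The three defects named here are the kind a relying party or auditing CA can check mechanically. The following Go program is an added example (this editor's, not code from Entrust, Digicert or any browser vendor) written against the standard crypto/x509 package: it flags an RSA modulus below a minimum size, a certificate with neither a CRL distribution point nor an OCSP URL, and missing KeyUsage/BasicConstraints extensions. The test CA key and the 512-bit public key are constructed for the demo, and the crl.example.invalid URL is a placeholder.

```go
package main

import (
	"crypto/rand"
	"crypto/rsa"
	"crypto/x509"
	"fmt"
	"math/big"
	"time"
)

// AuditCert flags the defects the article attributes to the Digicert
// Malaysia certificates: an RSA modulus below minBits, no revocation
// pointer (CRL distribution point or OCSP URL), missing extensions.
func AuditCert(c *x509.Certificate, minBits int) []string {
	var out []string
	if pub, ok := c.PublicKey.(*rsa.PublicKey); ok && pub.N.BitLen() < minBits {
		out = append(out, fmt.Sprintf("weak RSA key: %d bits", pub.N.BitLen()))
	}
	if len(c.CRLDistributionPoints) == 0 && len(c.OCSPServer) == 0 {
		out = append(out, "no revocation information (CRL DP or OCSP)")
	}
	if c.KeyUsage == 0 || !c.BasicConstraintsValid {
		out = append(out, "missing KeyUsage or BasicConstraints extension")
	}
	return out
}

// WeakPub is a constructed 512-bit RSA public key (an odd number, not a real keypair).
func WeakPub() *rsa.PublicKey {
	n := new(big.Int).Lsh(big.NewInt(1), 511)
	return &rsa.PublicKey{N: n.SetBit(n, 0, 1), E: 65537}
}

var caKey, _ = rsa.GenerateKey(rand.Reader, 2048) // constructed test CA key, not a real issuer's

// Issue signs a leaf carrying pub with caKey and parses the DER back as a browser would; withExt adds the extensions a conforming certificate carries.
func Issue(pub *rsa.PublicKey, withExt bool) (*x509.Certificate, error) {
	tmpl := &x509.Certificate{SerialNumber: big.NewInt(1),
		NotBefore: time.Now(), NotAfter: time.Now().Add(24 * time.Hour)}
	if withExt {
		tmpl.KeyUsage, tmpl.BasicConstraintsValid = x509.KeyUsageDigitalSignature, true
		tmpl.CRLDistributionPoints = []string{"http://crl.example.invalid/ca.crl"}
	}
	der, err := x509.CreateCertificate(rand.Reader, tmpl, tmpl, pub, caKey)
	if err != nil {
		return nil, err
	}
	return x509.ParseCertificate(der)
}
```

Run AuditCert over each certificate a reseller issued (parsed from DER with x509.ParseCertificate) and any non-empty result is grounds for revocation.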
"Entrust had a relationship with Digicert in which Entrust issued a
cross certificate for Digicert Malaysia. However, as a result of this
contract violation, Entrust has ended its relationship with Digicert
Malaysia," an Entrust spokesperson told eWEEK.
Entrust told Chester Wisniewski, a senior security advisor at Sophos,
that two of the certificates had been used to sign malware used in a
spear phishing attack against another Asian CA. The attack used three
other certificates from a different CA, suggesting "we may be posting a
follow-up soon about another certificate authority with similar issues,
or a compromise," Wisniewski wrote on the Naked Security blog.
"Regarding audit, we learned a big lesson with this one: trust but
confirm," Entrust told Sophos, noting that Digicert had passed an
initial audit but was not in compliance.
Mozilla revoked trust in all certificates issued by Digicert Malaysia
in Firefox 8 and Firefox 3.6.24, released Nov. 8. Mozilla noted on its security blog
that the problem certificates had been issued to Malaysian government
Websites and internal systems. "We do not believe other sites are at
risk," Mozilla said.
Because the weak keys in the certificates could be exploited to let an
attacker impersonate the legitimate owner and trick the user into
thinking a Website or piece of software was legitimate, Microsoft will update
Internet Explorer to revoke trust in Digicert Malaysia, Jerry Bryant,
group manager of response communications for Microsoft's Trustworthy
Computing group, wrote on the blog.
Google has blocked the serial numbers that correspond to the 22
certificates for its Chrome browser. Apple also revoked the
certificates in its mobile Safari browser in the latest iOS 5.0.1
update.
The EFF is working on a proposal for solidifying the CA infrastructure,
according to Eckersley. "There are a lot of ways to break HTTPS/TLS/SSL
today, even when Websites do everything right," he wrote. "We will set
out an EFF proposal for reinforcing the CA system, which would allow
security-critical Websites and email systems to protect themselves from
being compromised via an attack on any CA in the world," he added.