Connect with us

Hi, what are you looking for?


Management & Strategy

Examining Threats Facing Public Key Infrastructure (PKI) and Secure Socket Layer (SSL)

In recent SEC filings, VeriSign revealed they were repeatedly hacked during 2010. Though the company did not divulge what type of data was breached, the report raised serious concerns – particularly since VeriSign’s claim to fame was their position as a leader in the certificate issuance field.

In recent SEC filings, VeriSign revealed they were repeatedly hacked during 2010. Though the company did not divulge what type of data was breached, the report raised serious concerns – particularly since VeriSign’s claim to fame was their position as a leader in the certificate issuance field. So tightly is the VeriSign brand coupled with certificates that that when Symantec purchased this part of their business in August 2010, the security vendor chose to keep the name. We cannot jump to conclusions that the breach had to do with certificate issuance, but this type of incident serves as a reminder of the threats plaguing some of the Internet’s trust models and implementation. Namely, the Public Key Infrastructure (PKI) and Secure Socket Layer (SSL).

SSL and PKI AttacksWhile most of the research community is focused on pointing out inherent SSL protocol vulnerabilities and common implementation mistakes that could potentially be subverted for an attack, the hackers are focusing on more practical types of attacks against PKI and SSL. In this column, we will take a look at some of these attacks and the threat landscape facing PKI and SSL.

Some Background: PKI and SSL

In the real world, when we want to make sure a service is honest and delivers us the promised goods we ask for some sort of “seal of trust”. That “seal of trust” usually comes in the form of a certificate signed by a trusted notary that vouches for the legitimacy and honesty of that provider. For that model to work, both the business and the consumer need to trust that notary. 

The virtual world works in a similar fashion through an infrastructure called PKI. When we log onto a Web site, say a bank, the browser first requests the site provide it with a certificate guaranteeing that the site is what it appears to be. That certificate is “signed” by the digital equivalent of the notary, called the Certificate Authority (CA).

The certificate does not only guarantee the authenticity of the service, but also the confidentiality of communications between the user and the service. It does this by supplying the required components used to encrypt our transactions. Through the use of encryption, the protocol is able to guarantee the privacy and security of the transactions because it prevents some third party to eavesdrop or modify the transactions. The most popular method of encryption for these transactions is, generally speaking, SSL. When you see https:// (as opposed to just http://) in your browser, you know that SSL is in the works and your communication with the website is encrypted.

The increasing awareness to the confidentiality of our transactions (just recall how much media noise was made following the release of FireSheep) means that more companies are now deploying SSL. SSL is not restricted anymore only to our banking services. Take, Google for instance. At first, only the Gmail login page was encrypted. In time, the whole Gmail service supported encryption – by default. Google has now even added the search functionality to be accessed via https.

Threat #1: Attacks against PKI

Advertisement. Scroll to continue reading.

It’s easy to see the powerful role that the CA has in the PKI model. Since, at the base of this model is the underlying assumption that the CA is truthful, honest and legitimate. Consequently, a hacker who gains control on a CA can then use it to issue fraudulent certificates and then masquerade as any website.

Over the past year, attackers have repeatedly compromised various CA organizations. These include, DigiNotar, GlobalSign, Comodo and Digicert Malaysia. These attacks were a direct consequence of the commoditization of certificates, where smaller, less competent organizations have started to obtain a bigger share in the certificate authority market. As it stands now, any CA can issue a digital certificate for any application – without any required consent from application owner.

Last weekend, Trustwave published a blog entry which in itself shows how fragile is this system. As a CA, they had once issued a certificate specific to an unnamed private company which allowed the interception of all SSL communications within the company. As part of this admission, Trustwave also announced that they will not repeat this type of offering again.

Threat #2: The Theft of Issued Website Certificates

The problem here is that Web application certificates are not simply confined to being stored by the application. While SSL prevents access to traffic by attackers, it has no built-in mechanisms that allow restrictive access to it by collaborative third parties. For example, proxies, load balancers, content delivery networks (CDNs) need to access the certificate’s private key in order to access application data. Also data loss prevention and Web application firewall solutions require similar key access. As a result, the digital certificate is now stored in many locations – some residing outside of the site’s physical environment and out of the application’s owner control. These open up additional attack points which imply a higher success rate for attackers.

Threat #3: The Theft of Issued Code Signing Certificates

The problem is not only with online services. Also applications present certificates that attest to their legitimacy before performing sensitive operations. Therefore, code signing certificates are too a prime target for malware distributers. We’ve already witnessed this in the wild – Stuxnet for instance used a stolen certificate. More recently, a malware strain used a stolen certificate belonging to the Malaysian government.

Threat #4: Denial of Service attacks

Because of the encryption component – there is a heavy computational burden incurred when initiating the SSL communication. Therefore, SSL-protected resources are prime candidates for effective Denial of Service (DoS) attacks. Together with an increased consumption of computer resources per session, a multitude of simple attacks can be devised very efficiently.

Addressing the Threats

As for the denial-of-service attacks, it is possible to strengthen the applications using anti-DoS and anti-DDoS protections.

What about the other threats? The issues posed by PKI and SSL have gotten security researchers to explore improvements and alternatives. Google for instance, has recently published their proposal. Their enhancement includes adding server side support for a new strand of the encryption protocol. Their assumption is that 10 years from now someone might break the current encryption protocol and would use that capability to go back and decipher recorded streams. But understanding the problem leads half-way to the solution and unfortunately, this research does not address the above practical problems.

Nevertheless, the industry is humming. In fact, Moxie Marlinspike discussed a lot of these problems in Black Hat USA 2011. His project to amend the PKI issues is ongoing although, long due from being widely accepted.

As it stands now, the ground is still ripe for the research of an alternative, stronger model. It won’t be a simple solution and will require the collaboration of both academia and industry experts. Any volunteers?

Update 4/06/2012: It was brought to my attention that the attack against StartSSL was not successful as I had previously implied. I apologize if anyone or any company may have taken offense. I had no intention to point fingers but to present the real-world implications of attacks against certificate-issuing companies.

Written By

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

SecurityWeek’s Threat Detection and Incident Response Summit brings together security practitioners from around the world to share war stories on breaches, APT attacks and threat intelligence.


Securityweek’s CISO Forum will address issues and challenges that are top of mind for today’s security leaders and what the future looks like as chief defenders of the enterprise.


Expert Insights

Related Content

Application Security

Cycode, a startup that provides solutions for protecting software source code, emerged from stealth mode on Tuesday with $4.6 million in seed funding.

Identity & Access

Zero trust is not a replacement for identity and access management (IAM), but is the extension of IAM principles from people to everyone and...

CISO Strategy

SecurityWeek spoke with more than 300 cybersecurity experts to see what is bubbling beneath the surface, and examine how those evolving threats will present...

Management & Strategy

SecurityWeek examines how a layoff-induced influx of experienced professionals into the job seeker market is affecting or might affect, the skills gap and recruitment...

CISO Conversations

In this issue of CISO Conversations we talk to two CISOs about solving the CISO/CIO conflict by combining the roles under one person.

Artificial Intelligence

ChatGPT is increasingly integrated into cybersecurity products and services as the industry is testing its capabilities and limitations.

CISO Strategy

Security professionals understand the need for resilience in their company’s security posture, but often fail to build their own psychological resilience to stress.

Cybersecurity Funding

Network security provider Corsa Security last week announced that it has raised $10 million from Roadmap Capital. To date, the company has raised $50...