Wednesday, August 10, 2011

SSL Certificates May Offer False Sense Of Trust

SSL Certificates May Offer False Sense Of Trust

Researcher points to fundamental problems in SSL and DNSSEC, and says it's time for users to take control of trust.

The web of trust created by secure socket layer (SSL) certificates has fundamental problems that carry over into the secure extensions of the domain name system, security researcher Moxie Marlinspike told attendees at the Defcon hacking convention in Las Vegas on Friday.

Because software that uses SSL encryption relies on companies whose authority to sign certificates cannot easily be revoked, the technology does not provide the agility to respond to events, such as the breach of certificate authority Comodo earlier this year, Marlinspike said. The security extensions to the domain name system (DNSSEC), which places certificates in the DNS record for added security, have greater problems because you cannot revoke the authority of the root provider, he argued.

More Security Insights

Webcasts

We spoke with Chris Sather, Product Management for Network Defense at McAfee about McAfee's next generation firewalls that analyze relationships and not protocols.PGP CEO Phil Dunkleberger talks to us about the latest Ponemon research data, which will show a higher cost from legal fees and targeted malware.PGP CEO Phil Dunkleberger talks about the newest features of PGP, and some of the trends driving where its technology is going.
We spoke with Chris Sather, Product Management for Network Defense at McAfee about McAfee's next generation firewalls that analyze relationships and not protocols.

"This system actually provides reduced trust agility," Marlinspike told attendees. "Today I can still choose to remove Verisign from the list of trusted certificate authorities in my browser, but there is nothing I can do to stop Verisign from managing the .com and .net lookups."

Marlinspike proposed a system of collective trust, dubbed Convergence, that solves these issues. Instead of certificate authorities, the system uses notary servers that check that the same certificate is returned for a domain lookup from disparate network and geographical locations, which eliminates the risk of a man-in-the-middle attack, he said.

The technology, which Marlinspike implemented as a Firefox plug-in, obeys two tenets of the researchers' idea of trust agility that SSL certificates do not: First, the decision to trust a particular organization should not be permanent. If the organization proves untrustworthy in the future, then a user should be able to revoke the organizations trust.

"There are plenty of organizations that I trust today to secure my transactions for me," Marlinspike said. "But what is insane [with SSL] is that I must identify an organization, or a set of organizations, that I'm willing to trust not just now, but forever."

The second part of trust agility is to empower the user to change his mind about trusting an organization in the future.

Read the rest of this article on Dark Reading.

The vendors, contractors, and other outside parties with which you do business can create a serious security risk. Here's how to keep this threat in check. Also in the new, all-digital issue of Dark Reading: Why focusing solely on your own company's security ignores the bigger picture. Download it now. (Free registration required.)

Source: http://www.informationweek.com/news/security/vulnerabilities/231300461?cid=RSSfeed_IWK_Internet

cee lo green forget ... blake shelton

No comments:

Post a Comment