SSL compromised...

By donmc, 6 January, 2009


In a statement made public on December 30th, the following researchers: Alexander Sotirov, Marc Stevens, Jacob Appelbaum, Arjen Lenstra, David Molnar, Dag Arne Osvik, Benne de Weger said:

"We have identified a vulnerability in the Internet Public Key Infrastructure (PKI) used to issue digital certificates for secure websites. As a proof of concept we executed a practical attack scenario and successfully created a rogue Certification Authority (CA) certificate trusted by all common web browsers. This certificate allows us to impersonate any website on the Internet, including banking and e-commerce sites secured using the HTTPS protocol."

In response, Verisign had this to say:
"We applaud security research of this sort and are glad that white hats like the "MD5 Collision Inc." group make a point of investigating online security."
"We have discontinued using MD5 when we issue RapidSSL certificates, and we've confirmed that all other SSL Certificates we sell are not vulnerable to this attack. We'll continue on our path to discontinue MD5 in all end entity certificates by the end of January, 2009."
"... any customer who would like to do so can replace any MD5-hashed certificate free of charge."