• United States



SSL hackers immortalized by Firefox

May 26, 20093 mins
Core Java

Mozilla developers have immortalized the great SSL hack that researchers discussed at the Chaos Communication Congress last December.

You remember this one, an international team of researchers was able to create a fake certificate authority by exploiting collisions in the aging MD5 algorythm.

The whole thing unfolded as a bit of a mystery. Tuesday afternoon  SecTheory’s Robert Hansen told me about a weird thing he’d noticed in its Firefox browser. Firefox had added a strange certificate authority called MD5 Collisions Inc. to the “cert store” list of trusted authorities in the browser.

These certificate authorities are the trusted third parties used by the browsers to establish SSL connections. The whole point of the research was to show how that chain of trust could be undermined and a so-called rogue authority could be created. If the bad guys could do this, they could create SSL certificates for phishing sites, making them appear more trustworthy?

To make sure that their work wouldn’t be misused, the researchers created their rogue CA, using a certificate that expired in 2004, and they kept the private key used in their work secret so nobody else could set up the rogue cert.

Still, why was did Mozilla ad this MD5 Collisions cert to the browser? Had someone found a way to add another fake certificate authority directly to the browser?

“That’s exactly what I thought when I first noticed that too,” said Alexander Sotirov, one of the authors of the SSL hack,  when I asked him about this. “But the answer is more mundane. Mozilla blacklisted our cert by adding it into their cert store and setting all trust settings to “untrusted”. If you select the cert and click on the “Edit” button, you’ll see that the checkboxes that say “This certificate can identify websites/mail users/software makers” are all unchecked. This prevents our rogue cert from being used at all.”

Mozilla’s Jonathan Nightingale says useless cert was added shortly after team’s work was made public in late December. It’s an extra precaution against “a really bizarre case where that key had been compromised and someone was issuing rogue certs and one of our users had a rogue clock that though it was 2004,” he said.

A pretty unlikely scenario, for sure, but a theoretically possible one, I guess.

“We thought, let’s just shut it down,” Nightingale said.

Sotirov had an interesting take on the Firefox cert, though. “I find it flattering that our work was immortalized this way by Mozilla,” he said. “They will probably ship this cert as part of the their cert store as long as they ship browsers.”

Something for the other browser makers to think about, perhaps?