Replacing the CA System, Millions of Clients at a Time

The Internet was not designed to be a secure network, not by any stretch of the imagination. It was meant to enable giant PDPs and IMPs at one college to talk to their brethren at another college across the country. SSL was an attempt to impose some level of security and trustability on this system after the fact, but the last few years have shown that it has a lot of limitations, and to some degree has given users a misplaced faith in the fragile certificate authority infrastructure. Now, security researcher Moxie Marlinspike is hoping to change some of that.

The Internet was not designed to be a secure network, not by any stretch of the imagination. It was meant to enable giant PDPs and IMPs at one college to talk to their brethren at another college across the country. SSL was an attempt to impose some level of security and trustability on this system after the fact, but the last few years have shown that it has a lot of limitations, and to some degree has given users a misplaced faith in the fragile certificate authority infrastructure. Now, security researcher Moxie Marlinspike is hoping to change some of that.

Marlinspike has been working on and thinking about the problem of authenticity, especially as it’s applied to the CA infrastructure, for some time. His work on the weaknesses and problems of the CA system and the way that SSL is deployed and trusted have broken quite a bit of ground in recent years. At Black Hat DC in 2009, he debuted a tool called SSLstrip that can hijack all of the HTTP traffic on a network and look for SSL requests and then redirect those requests to non-SSL sites, removing the security of the SSL protocol.

His latest project is a client-side software tool, which he’ll be releasing at Black Hat in Las Vegas next month, designed to help replace the CA infrastructure and allow users to avoid relying on it for matters of trust and authenticity. Built for Firefox, the tool is Marlinspike’s effort to bring some of the intended authenticity back to the SSL and CA system, with minimal effort on the user’s part.

“This is my attempt at an authenticity replacement for SSL. I’ve been using it for the last few months, and it’s working well,” Marlinspike said. “It takes you off the CA system everywhere you go.”

In his talk at Black Hat, Marlinspike will discuss many of the problems that have cropped up in the SSL world recently, many of which have caused serious issues and called into question the viability of the model itself. The clearest example in recent months is the attack on Comodo, which involved an attacker compromising a Registration Authority affiliated with Comodo and then issuing himself valid certificates for domains belonging to Google, Yahoo, Skype and other companies.

Marlinspike, founder of start-up Whisper Systems, which makes encryption and privacy tools for mobile devices, said that the same issues will continue to arise unless something is done to change the model.

“There’s been a lot of talk about CAs lately, and really, they’ve always caused friction,” he said. “The same things come up again and again. I’m interested in examining the problems we’re facing now. I’m trying to synthesize what the problem actually is.”

Various proposals over the years have sought to replace the CA model with similar architectures, but none has gained much ground.

“It’s naive to think that we can start over. We need something that’s easy, transparent and backward compatible,” Marlinspike said. “I would like to put that transparency on the client side instead of the server. There are fewer clients, and if you make changes there, you hit everything.

“There are a lot of servers and the people maintaining them historically haven’t shown a great interest in providing the best secure communications experience. We struggle to get them to deploy SSL in a meaningful way. So to think that they’re going to aggressively deploy something else might be naive.”

Suggested articles

Discussion

  • wiedzmin on

    This should be interesting, looking forward to seeing this... thought I suspect that it might be something WOT or BitCoin like as far as authenticity determination goes?

Subscribe to our newsletter, Threatpost Today!

Get the latest breaking news delivered daily to your inbox.