Sunday

#25C3 Day 4 Overview: Picking up the pieces



After catching up on some much needed sleep, I headed out for 25C3. It was the closing day and it didn't have as many presentations as the previous days.

First of all, I checked up on the rumors about the talk "Attacking the critical infrastructure". And it appeared the guess from Errata Security hit the nail on the head (see previous predictions: 'Creating a rogue root CA certificate')! Read on below for details.

Presentation 1: I started with Not Soy Fast: Genetically Modified, Resource Greedy, and coming to a Supermarket Near You. Soy has been a healthy source of proteins for some time, but genetically modified soy comes with a price (in more than one way). A very non-IT talk, but you should have a look at the issues as soon as the video becomes available.

Presentation 2 was about Wikileaks. I know Wikileaks from a really small workshop presentation during 24C3. This time, they got the big room in Salle 1 and talked about the experiences they had within the first year of its operation, the impact that activities on Wikileaks had in various parts of the globe, and the technical, political and legal challenges they faced, and gave an overview of the state of classic and internet media today.

When the presenter was talking about how they stripped the metadata from documents before uploading them to Wikileaks, I immediately thought of the whitepaper from Larry Pesce: Document Metadata: the Silent Killer. More companies should screen Word documents and the like before uploading them! It's a form of information disclosure often overlooked.

They discussed investigative journalism, and how it was the fourth estate. The 4th estate as 'the' supposedly independent control over the state is inherently important to any society and its development.
The speakers view it as being currently clinically dead, bankrupt and headed in a dangerous direction. A lot of articles of online newspapers sometimes just seem to disappear after a while. Probably because of legal threats. This is a form of present day censorship.
They mentioned a cool quote from George Orwell: "he who controls the present, controls the past, he who controls the past, controls the future."
The new media and bloggers can help but face several issues. Often a lot of content gets copied & pasted from other sites and few bloggers actually do any investigations of their own. Also, it's fairly easy to get the blog shut down through the blog's hosting provider. So Wikileaks asked for more original source information.
Currently there are only 17 investigative reporters still active in the USA.
Wikileaks has developed mechanisms that can actively help to address these problems and has proven from experience that it would lead to change and reform. The effectiveness of these mechanisms and others depends only on the awareness and involvement of the public, on all of us 'making use of them'. So let's help them!

About 5 minutes before the next talk, I observed the link to the published research on the MD5 CA attack on my twitterscope: http://www.win.tue.nl/hashclash/rogue-ca/
I know it was a little bit of cheating but I started quickly glancing through this research. Then the talk started!!!

Presentation 3: MD5 considered harmful today (25C3 page). This was the talk with few or no details until a few hours before. Basically, the researchers were able to use an MD5 collision to create a rogue Certification Authority. Certificate authorities are trusted third parties that validate the owner of a website and sign their website certificates. This is their trusted role. No one can become a CA just like that. So this is a cornerstone of PKI (Public Key Infrastructure).

Actually, this was nothing new!! (I'm not going to belittle their effort, hang on).

The first big dent in MD5 was made with "Collisions for Hash Functions MD4, MD5, HAVAL-128 and RIPEMD" (pdf), August 2004. Taking it a step further led to the 2007 paper: "Chosen-prefix Collisions for MD5 and Colliding X.509 Certificates for Different Identities" (pdf), Feb. 2007.

So theoretically, it has been possible for some time for someone to execute this attack. Now it was this team's achievement to actually prove it could be done.

So they found that there were certificate authorities that were still signing certificates with MD5.

Here is the list from their slides:

  • RapidSSL
  • FreeSSL
  • TrustCenter
  • RSA Data Security
  • Thawte
  • verisign.co.jp

So for example, there are about 135 trusted CA root certificates in Firefox 3. All certificates signed by one of these CAs will be viewed as trusted by the browser. In their research, they collected 30.000 website certificates and apparently 9.000 of them were signed with MD5.
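
A defender's take on the survey described above, as an added example that is not from the talk or the researchers' code: it reads the outer signatureAlgorithm OID from DER-encoded certificates and flags md5WithRSAEncryption. The certificates are constructed skeletons with placeholder contents, and all function and sample names are assumptions of this example.

```python
# Added example, not from the talk: flag certificates whose signature uses MD5.
MD5_WITH_RSA = "1.2.840.113549.1.1.4"  # md5WithRSAEncryption

def read_tlv(buf, pos):
    """Return (tag, value_start, value_end) of the DER element at pos."""
    tag, length, pos = buf[pos], buf[pos + 1], pos + 2
    if length & 0x80:  # long form: low 7 bits give the number of length bytes
        n = length & 0x7F
        length, pos = int.from_bytes(buf[pos:pos + n], "big"), pos + n
    if pos + length > len(buf):
        raise ValueError("truncated DER element")
    return tag, pos, pos + length

def decode_oid(body):
    """Turn OBJECT IDENTIFIER content bytes into dotted notation."""
    subids, value = [], 0
    for byte in body:
        value = (value << 7) | (byte & 0x7F)
        if not byte & 0x80:  # high bit clear ends a base-128 subidentifier
            subids.append(value)
            value = 0
    first = min(subids[0] // 40, 2)
    return ".".join(map(str, [first, subids[0] - 40 * first] + subids[1:]))

def signature_algorithm_oid(cert):
    """Certificate ::= SEQUENCE { tbsCertificate, signatureAlgorithm, signature }"""
    tag, start, _ = read_tlv(cert, 0)
    if tag != 0x30:
        raise ValueError("not a DER SEQUENCE")
    _, _, tbs_end = read_tlv(cert, start)        # skip tbsCertificate
    _, alg_start, _ = read_tlv(cert, tbs_end)    # AlgorithmIdentifier SEQUENCE
    tag, oid_start, oid_end = read_tlv(cert, alg_start)
    if tag != 0x06:
        raise ValueError("expected an OBJECT IDENTIFIER")
    return decode_oid(cert[oid_start:oid_end])

def md5_signed(certs):
    """Names of the certificates in {name: der_bytes} that are signed with MD5."""
    return sorted(n for n, c in certs.items() if signature_algorithm_oid(c) == MD5_WITH_RSA)

def sample_cert(oid_last_byte):
    """Constructed skeleton (placeholder tbsCertificate and signature), not a real cert."""
    tbs = bytes.fromhex("3081cb0481c8") + bytes(200)  # long-form lengths, as in real certs
    alg = bytes.fromhex("300d06092a864886f70d0101" + oid_last_byte + "0500")
    return bytes.fromhex("3081e2") + tbs + alg + bytes.fromhex("030300aabb")

SAMPLES = {"legacy.example": sample_cert("04"), "modern.example": sample_cert("0b")}  # constructed
```

To run it against real certificates, convert PEM to DER first (for instance with `ssl.PEM_cert_to_DER_cert` from the standard library) and pass the bytes to `md5_signed`.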

It still required quite some computing power to get it right. In this case, they built a small supercomputer made from 200 Playstation 3's!!! Coolness bonus points achieved! This is the equivalent of 8000 CPU cores or about 20.000$ on Amazon EC2.

Here is a link to some high quality pictures of the cluster (www.win.tue.nl) they used.

So what did they achieve? An intermediate signing CA certificate which can generate unlimited valid certificates, thus breaking the tree of trust in PKI.

Just check it by setting your clock back to August 2004 and surfing to their demo site: https://i.broke.the.internet.and.all.i.got.was.this.t-shirt.phreedom.org/

So is the internet doomed? Of course not, this is not an attack a script kiddie could perform with some downloadable tool. But organized crime with some talented people and enough resources on board could create some serious impact. The Certificate Authorities have taken action (verisign.com) since the presentation. No need to panic. It would only have impacted the 10% of internet users who don't click away certificate warnings (sarcastic joke).

I could go a bit further on the MD5 story but that would exceed the purpose of just an overview of a 25C3 talk. Expect more info in a separate post.

So we closed 25C3 with a bang!! It was a great congress and I will be counting down to 25C6 !!! CU There!!!
